exploitDog

GHSA-c2vc-v83f-58c3

Опубликовано: 14 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.2

Описание

SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).

SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).

Ссылки

EPSS

Процентиль: 98%

0.45588

Средний

7.2 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2023-30459

CVSS3: 7.2

nvd

почти 3 года назад

SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).

BDU:2023-03548

CVSS3: 7.2

fstec

почти 3 года назад

Уязвимость компонента Setting Handler scada-сервера Elcomplus SmartPPT, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 98%

0.45588

Средний

7.2 High

CVSS3

CVE ID