RSS   Vulnerabilities for 'Scada web server'   RSS

2015-10-24
 
CVE-2015-1005

 

 
IniNet embeddedWebServer (aka eWebServer) before 2.02 for Windows CE uses cleartext for password storage, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.

 
 
CVE-2015-1003

 

 
Directory traversal vulnerability in IniNet embeddedWebServer (aka eWebServer) before 2.02 allows remote attackers to read arbitrary files via a crafted pathname.

 
 
CVE-2015-1002

 

 
IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string.

 
 
CVE-2015-1001

 

 
Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.

 


Copyright 2024, cxsecurity.com

 

Back to Top