RSS   Podatności dla 'Mydesigner'   RSS

2021-11-19
 
CVE-2021-43555

CWE-23
 

 
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.

 
2021-10-04
 
CVE-2021-41578

CWE-22
 

 
mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This would typically lead to code execution.

 

 >>> Vendor: Myscada 2 Produkty
Mypro
Mydesigner


Copyright 2024, cxsecurity.com

 

Back to Top