Spidercontrol

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-3329 1Spidercontrol 1Scadawebserver Nov 21, 2024 Aug 2, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could cr...Show more SpiderControl SCADA Webserver versions 2.08 and prior are vulnerable to path traversal. An attacker with administrative privileges could overwrite files on the webserver using the HMI's upload file feature. This could create size zero files anywhere on the webserver, potentially overwriting system files and creating a denial-of-service condition.Show less
CVE-2018-18991 1Spidercontrol 1Scada Webserver Nov 21, 2024 Dec 4, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to t...Show more Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser.Show less
CVE-2017-14010 1Spidercontrol 1Scada Microbrowser Nov 21, 2024 Apr 26, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DL...Show more In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system.Show less
CVE-2017-13995 1Spidercontrol 1Ininet Webserver May 13, 2026 Oct 5, 2017 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access s...Show more An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables.Show less
CVE-2017-12728 1Spidercontrol 1Scada Webserver May 13, 2026 Oct 5, 2017 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated priv...Show more An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services.Show less
CVE-2017-12707 1Spidercontrol 1Scada Microbrowser May 13, 2026 Aug 25, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow.
CVE-2017-12694 1Spidercontrol 1Scada Web Server May 13, 2026 Aug 25, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Directory Traversal issue was discovered in SpiderControl SCADA Web Server. An attacker may be able to use a simple GET request to perform a directory traversal into system files.