Vulnerabilidades em Triangle MicroWorks
18 resultadosCVE-2023-39460HIGHTriangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation VulnerabilityEPSS 2.9%CVE-2022-0369HIGHTriangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution VulnerabilityEPSS 2.3%CVE-2014-2342—Triangle MicroWorks SCADA Data Gateway Resource ExhaustionEPSS 1.8%CVE-2023-39457CRITICALTriangle MicroWorks SCADA Data Gateway Missing Authentication VulnerabilityEPSS 1.6%CVE-2023-39464HIGHTriangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution VulnerabilityEPSS 1.6%CVE-2023-39468HIGHTriangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution VulnerabilityEPSS 1.5%CVE-2023-39462MEDIUMTriangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload VulnerabilityEPSS 1.2%CVE-2023-39461MEDIUMTriangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write VulnerabilityEPSS 1.0%CVE-2023-39463HIGHTriangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution VulnerabilityEPSS 1.0%CVE-2023-39459HIGHTriangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation VulnerabilityEPSS 1.0%CVE-2023-39466MEDIUMTriangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure VulnerabilityEPSS 0.9%CVE-2022-38138HIGHThe Triangle Microworks IEC 61850 Library (Any client or server using the C language library with a version number of 11.2.0 or earlier and EPSS 0.8%CVE-2023-39465HIGHTriangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure VulnerabilityEPSS 0.7%CVE-2023-2186HIGHOn Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message iEPSS 0.7%CVE-2023-2187MEDIUMOn Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WeEPSS 0.6%CVE-2023-39467MEDIUMTriangle MicroWorks SCADA Data Gateway certificate Information Disclosure VulnerabilityEPSS 0.5%CVE-2014-2343—Triangle MicroWorks SCADA Data Gateway Resource ExhaustionEPSS 0.3%CVE-2023-39458MEDIUMTriangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass VulnerabilityEPSS 0.2%