Vulnerabilities > Trihedral

DATE CVE VULNERABILITY TITLE RISK
2022-11-02 CVE-2022-3181 Improper Input Validation vulnerability in Trihedral Vtscada
An Improper Input Validation vulnerability exists in Trihedral VTScada version 12.0.38 and prior. A specifically malformed HTTP request could cause the affected VTScada to crash.
network
low complexity
trihedral CWE-20
7.5
2017-11-06 CVE-2017-14031 Improper Privilege Management vulnerability in Trihedral Vtscada
An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior.
local
low complexity
trihedral CWE-269
7.8
2017-11-06 CVE-2017-14029 Uncontrolled Search Path Element vulnerability in Trihedral Vtscada
An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior.
local
low complexity
trihedral CWE-427
7.8
2017-06-21 CVE-2017-6053 Cross-site Scripting vulnerability in Trihedral Vtscada
A Cross-Site Scripting issue was discovered in Trihedral VTScada Versions prior to 11.2.26.
network
low complexity
trihedral CWE-79
6.1
2017-06-21 CVE-2017-6045 Information Exposure vulnerability in Trihedral Vtscada
An Information Exposure issue was discovered in Trihedral VTScada Versions prior to 11.2.26.
network
low complexity
trihedral CWE-200
7.5
2017-06-21 CVE-2017-6043 Resource Exhaustion vulnerability in Trihedral Vtscada
A Resource Consumption issue was discovered in Trihedral VTScada Versions prior to 11.2.26.
network
low complexity
trihedral CWE-400
7.5
2016-06-09 CVE-2016-4532 Path Traversal vulnerability in Trihedral Vtscada
Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to read arbitrary files via a crafted pathname.
network
low complexity
trihedral CWE-22
critical
9.1
2016-06-09 CVE-2016-4523 Out-of-bounds Read vulnerability in Trihedral Vtscada
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via unspecified vectors.
network
low complexity
trihedral CWE-125
7.5
2016-06-09 CVE-2016-4510 Improper Authentication vulnerability in Trihedral Vtscada
The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentication and read arbitrary files via unspecified vectors.
network
low complexity
trihedral CWE-287
critical
9.1