CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19004 – LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-19004
LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite una lectura fuera de límites a la hora de abrir un archivo de proyecto especialmente manipulado, lo que podría permitir la exfiltración de datos. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LQS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2018-18996 – LAquis SCADA Web Server relatorionome NOME Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-18996
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite la recepción de entradas del usuario sin que estén saneadas o autorizadas correctamente, lo que podría permitir a un atacante ejecutar código remoto en el servidor. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorionome.lhtml. When parsing the NOME Element, the process does not properly sanitize user-supplied data, which can lead to the injection of an arbitrary script. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 92%CPEs: 1EXPL: 0CVE-2018-18990 – LAquis SCADA Web Server Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-18990
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite una ruta proporcionada por el usuario en operaciones de archivo antes de validarse correctamente. Un atacante podría aprovecharse de esta vulnerabilidad para divulgar información sensible en el contexto del proceso del servidor web. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18986 – LAquis SCADA LGX Report Format File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-18986
LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite la apertura de un archivo de formato de informe especialmente manipulado que podría causar el cierre inesperado del sistema, permitir la exfiltración de datos o la ejecución remota de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LGX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-18998 – LAquis SCADA Web Server Hardcoded Credentials Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2018-18998
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, utiliza credenciales embebidas, lo que podría permitir a un atacante obtener acceso no autorizado al sistema con privilegios altos. This vulnerability allows remote attackers to bypass authentication on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of login requests to the product's webserver. The product contains a hard-coded password for a number of undocumented accounts. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-798: Use of Hard-coded Credentials •