CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39458 – Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-39458
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certificates. The service uses a hard-coded default SSL certificate. An attacker can leverage this vulnerability to bypass authentication on the system. • https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new https://www.zerodayinitiative.com/advisories/ZDI-23-1026 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39457 – Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2023-39457
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to the lack of user authentication. The issue results from missing authentication in the default system configuration. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. • https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new https://www.zerodayinitiative.com/advisories/ZDI-23-1025 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39467 – Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-39467
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. • https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new https://www.zerodayinitiative.com/advisories/ZDI-23-1035 • CWE-219: Storage of File with Sensitive Data Under Web Root •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39461 – Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability
https://notcve.org/view.php?id=CVE-2023-39461
Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability. This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of event logs. The issue results from improper sanitization of log output. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new https://www.zerodayinitiative.com/advisories/ZDI-23-1029 • CWE-117: Improper Output Neutralization for Logs •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39460 – Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2023-39460
Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the creation of event logs. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://www.trianglemicroworks.com/products/scada-data-gateway/what's-new https://www.zerodayinitiative.com/advisories/ZDI-23-1028 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •