CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31172 – Incomplete Filtering of Special Elements
https://notcve.org/view.php?id=CVE-2023-31172
31 Aug 2023 — An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-791: Incomplete Filtering of Special Elements •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31171 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
https://notcve.org/view.php?id=CVE-2023-31171
31 Aug 2023 — An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31170 – Inclusion of Functionality from Untrusted Control Sphere
https://notcve.org/view.php?id=CVE-2023-31170
31 Aug 2023 — An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31169 – Improper Handling of Unicode Encoding
https://notcve.org/view.php?id=CVE-2023-31169
31 Aug 2023 — An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELer... • https://selinc.com/support/security-notifications/external-reports • CWE-176: Improper Handling of Unicode Encoding CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31168 – Inclusion of Functionality from Untrusted Control Sphere
https://notcve.org/view.php?id=CVE-2023-31168
31 Aug 2023 — An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. • https://selinc.com/support/security-notifications/external-reports • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •