← Volver a CVEs
CVE-2017-6020
N/ADescripcion
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado4/17/2018
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
lcds:laquis_scada
Debilidades (CWE)
CWE-22CWE-22
Referencias
http://www.securityfocus.com/bid/97055(ics-cert@hq.dhs.gov)
https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01(ics-cert@hq.dhs.gov)
https://www.exploit-db.com/exploits/42885/(ics-cert@hq.dhs.gov)
http://www.securityfocus.com/bid/97055(af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/42885/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.