attacker to upload specially crafted malicious files without
authentication.
Metrics
Affected Vendors & Products
Solution
IniNet Solutions has released a new version of SpiderControl SCADA Server, (3.2.2), to address this issue. It can be found at the following location: https://spidercontrol.net/download/download-area-2/?lang=en
Workaround
IniNet Solutions reminds users that the webserver is designed to be used in a protected environment. IniNet Solutions GmbH recommends that users never connect control system software directly to the Internet. If a user must connect to the Internet, IniNet Solutions GmbH recommends using a managed infrastructure to do so.
Thu, 12 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Spidercontrol
Spidercontrol scada Webserver |
|
CPEs | cpe:2.3:a:spidercontrol:scada_webserver:*:*:*:*:*:*:*:* | |
Vendors & Products |
Spidercontrol
Spidercontrol scada Webserver |
|
Metrics |
ssvc
|
Tue, 10 Sep 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication. | |
Title | iniNet Solutions SpiderControl SCADA Web Server Unrestricted Upload of File with Dangerous Type | |
Weaknesses | CWE-434 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2024-09-12T13:36:10.295Z
Reserved: 2024-08-27T13:40:41.730Z
Link: CVE-2024-8232

Updated: 2024-09-12T13:36:04.981Z

Status : Awaiting Analysis
Published: 2024-09-10T20:15:05.060
Modified: 2024-09-11T16:26:11.920
Link: CVE-2024-8232

No data.

No data.