CyberSec.Space Logo
Back to CVE Browser

CVE-2017-13995

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile13.54th
PublishedOct 5, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

An Improper Authentication issue was discovered in iniNet Solutions iniNet Webserver, all versions prior to V2.02.0100. The webserver does not properly authenticate users, which may allow a malicious attacker to access sensitive information such as HMI pages or modify PLC variables.

Affected Platforms (CPE)

πŸ“¦
Spidercontrol

Ininet Webserver

<= 2.02.0000

References & Advisories

πŸ”— http://www.securityfocus.com/bid/100951
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-17-264-04
πŸ”— http://www.securityfocus.com/bid/100951
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-17-264-04

Related Vulnerabilities

CVE-2017-522610.0

When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioc...

CVE-2017-796410.0

Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote att...

CVE-2017-514510.0

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. S...

CVE-2017-232010.0

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenti...