CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-18234

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0250%
EPSS Percentile38.37th
Published2019年12月23日
Last Modified2024年11月21日

Vulnerability Description

Equinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an attacker to remotely execute arbitrary code.

Affected Platforms (CPE)

📦
Equinoxce

Control Expert

All versions

References & Advisories

🔗 https://www.us-cert.gov/ics/advisories/icsa-19-353-02
🔗 https://www.us-cert.gov/ics/advisories/icsa-19-353-02

相关漏洞威胁

CVE-2020-74759.8

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vuln...

CVE-2020-74899.8

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists ...

CVE-2020-282129.8

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control...

CVE-2008-43859.3

Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and exe...