Skip to main content
CVE-2014-0780 CRITICAL POC KEV PATCH THREAT Act Now

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Path Traversal RCE
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
89.2%
Threat
7.6
CVE-2013-5660 CRITICAL POC THREAT Emergency

Buffer overflow in Power Software WinArchiver 3.2 allows remote attackers to execute arbitrary code via a crafted .zip file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 33.7%.

RCE Buffer Overflow Winarchiver
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
33.7%
Threat
4.4
CVE-2014-0760 CRITICAL Act Now

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which could. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Authentication Bypass Codesys Runtime System Cecx X C1 Modular Master Controller +2
NVD VulDB
CVSS 2.0
9.3
EPSS
3.4%
CVE-2014-0769 CRITICAL Act Now

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Softmotion Cecx X M1 Modular Controller Codesys Runtime System Cecx X C1 Modular Master Controller
NVD
CVSS 2.0
9.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy