Skip to main content

Rapid Scada

11 CVEs product

Monthly

CVE-2024-47221 HIGH PATCH This Week

CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Brute Force Information Disclosure Rapid Scada
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-22096 MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Rapid Scada
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-22016 HIGH This Week

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Rapid Scada
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-21869 MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rapid Scada
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-21866 MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rapid Scada
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-21794 MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Rapid Scada
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-21764 CRITICAL Act Now

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rapid Scada
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-21852 HIGH This Week

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Rapid Scada
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-44153 MEDIUM POC This Month

Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rapid Scada
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2020-22722 HIGH POC This Week

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

File Upload Privilege Escalation Microsoft Rapid Scada
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-5313 HIGH This Week

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Rapid Scada
NVD
CVSS 3.0
7.8
EPSS
0.6%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Brute Force Information Disclosure Rapid Scada
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Rapid Scada
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Rapid Scada
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Rapid Scada
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rapid Scada
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Rapid Scada
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rapid Scada
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Rapid Scada
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rapid Scada
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

File Upload Privilege Escalation Microsoft +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Rapid Scada
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy