Vulnerability Details CVE-2018-17899
LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.084
EPSS Ranking 91.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://laquisscada.com/instale1.php
- http://www.securityfocus.com/bid/105719
- https://ics-cert.us-cert.gov/advisories/ICSA-18-289-01
- https://exchange.xforce.ibmcloud.com/vulnerabilities/151420
- http://laquisscada.com/instale1.php
- http://www.securityfocus.com/bid/105719
- https://ics-cert.us-cert.gov/advisories/ICSA-18-289-01
Products affected by CVE-2018-17899
-
cpe:2.3:a:lcds:laquis_scada:4.1
-
cpe:2.3:a:lcds:laquis_scada:4.1.0.3391
-
cpe:2.3:a:lcds:laquis_scada:4.1.0.3870