Security Vulnerabilities
Unlimited upload vulnerability for dangerous file types in WinPlus v24.11.27 from Informática del Este. This vulnerability allows an attacker to upload a 'webshell' by sending a POST request to '/WinplusPortal/ws/sWinplus.svc/json/uploadfile'.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-11-18
The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-18
An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-18
Faulty authorization control in software WinPlus v24.11.27 by Informática del Este that allows another user to be impersonated simply by knowing their 'numerical ID', meaning that an attacker could compromise another user's account, thereby affecting the confidentiality, integrity, and availability of the data stored in the application.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-11-18
A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code.
This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
CVSS Score
9.1
EPSS Score
0.0
Published
2025-11-18
A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory.
This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-11-18
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-11-18
A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code.
This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-11-18
SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level account.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-11-18
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-11-18