CVE-2018-17899

LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.

Published : 2018-10-17 02:29 Updated : 2019-10-09 23:37

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Lcds Laquis Scada 4.1.0.3870 cpe:/a:lcds:laquis_scada:4.1.0.3870
  1. Lcds (1) Search CVE
    1. Laquis Scada (1) Search CVE
      1. 4.1.0.3870

CWE

ID Name Description Links
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. CVE

History of changes

Date Event
2018-11-30 15:12
2018-10-25 10:29
2018-10-17 02:29

New CVE