LAquis.SCADA.Web.Server.relatorioindividual.Command.Injection
Description
This indicates an attack attempt to exploit a Remote Code Injection vulnerability in LAquis SCADA Web Server.
A remote, unauthenticated attacker could exploit this vulnerability by sending a request with a crafted HTTP parameter. Successful exploitation results in arbitrary command execution under the security context of the LAquis SCADA process.
Affected Products
LAquis SCADA 4.1.0.3870 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from this website:
https://laquisscada.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |