cbcvebase.
CVE-2024-8232
published 2024-09-10

CVE-2024-8232: SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without authentication.

Priority: P262 · high · 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 13.08% (95.9th percentile)

Affected

1 range

Vendor: ininet_solutions_gmbh
Product: spidercontrol_scada_web_server
Version range: <= v2.09
Fixed in: (not listed)

Detection & IOCs (extracted from sources)

  • Detect unauthenticated file upload attempts targeting SpiderControl SCADA Web Server (versions v2.09 and prior); monitor for HTTP POST requests uploading files without any authentication headers/session tokens to the web server endpoint.
  • Alert on any file upload activity to SpiderControl SCADA Web Server that could result in arbitrary code execution, particularly uploads of executable or script file types to the HMI web interface.
  • Flag SpiderControl SCADA Web Server instances directly exposed to the internet (no firewall/VPN), as the attack vector is network-based with low complexity and no privileges required (CVSS:3.1/AV:N/AC:L/PR:N/UI:N).
  • Affected versions are SpiderControl SCADA Web Server v2.09 and prior; patched version is 3.2.2. Ensure asset inventory reflects version to prioritize exposure.
  • The web server is intended for use only in protected/isolated environments; direct internet exposure is explicitly unsupported and significantly increases risk.
  • No known public exploitation has been reported at time of advisory publication; however, the vulnerability is remotely exploitable with low attack complexity and no authentication required.

CVSS provenance

Source: nvd · Version: v3.1 · Score: 7.5 · Severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Source: nvd · Version: v4.0 · Score: 8.7 · Severity: HIGH
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X