Automated Logic A Carrier Company Webctrl vulnerabilities
2 known vulnerabilities affecting automated_logic_a_carrier_company/webctrl.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-8525P2CRITICALCVSS 10.0v7.02024-11-21
CVE-2024-8525 [CRITICAL] CWE-434 CVE-2024-8525: An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an una
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file.
nvd
CVE-2024-8526P4MEDIUMCVSS 5.9v7.02024-11-21
CVE-2024-8526 [MEDIUM] CWE-601 CVE-2024-8526: A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted
A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously
crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection
of the user to a malicious webpage via "index.jsp"
nvd