Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:LAQUIS-SCADA-CE
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	LAquis SCADA Web Server relatorionome NOME Command Injection
Release Date	2019/03/13
Update Number	3150
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: LAquis SCADA Web Server relatorionome NOME Command Injection

This signature detects attempts to exploit a known vulnerability against LAquis SCADA Web Server. A successful attack can lead to arbitrary code execution.

Extended Description

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.

Affected Products

Lcds laquis_scada 4.1.0.3870

References

BugTraq: 106634
CVE: CVE-2018-18996

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: LAquis SCADA Web Server relatorionome NOME Command Injection

Extended Description

Affected Products

References