CVE-2018-18990 - AskarLabs CVE Database

CVE-2018-18990

Vendor Ics-Cert

Product LCDS Laquis SCADA

Weakness CWE-23

Published February 5, 2019

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.

Key dates

02Disclosure timeline

February 5, 2019 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-18990

Related vulnerabilities

04Related CVE

CVE-2023-1045 MuYuCMS filesdel.html path traversal CVE-2022-22279 CVE-2026-8361 Gladinet Triofox Path Traversal in WOSDefaultHttpModule.dll CVE-2020-12026 CVE-2023-37913 org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter