CVE-2021-22803

Summary

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbitrary files to folders in context of the DC module, by sending constructed messages on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)

Affected Software

VendorProductVersion RangeStatus
n/aInteractive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior)affected

Weaknesses

  • CWE-434: CWE-434: Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References