CVE-2021-26828
CVE-2021-26828
In short
OpenPLC ScadaBR allows logged-in users to upload and run malicious JSP files on the server. This lets attackers take control of the system after gaining access to a user account.
Technical detail
Arbitrary file upload vulnerability in view_edit.shtm endpoint affecting OpenPLC ScadaBR (Linux ≤0.9.1, Windows ≤1.12.4). Authenticated users can upload JSP files that execute with server privileges, leading to remote code execution. Attack requires valid credentials but no additional exploitation steps.
Summary generated and translated by AI from the official description.
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/hev0x/CVE-2021-26828_ScadaBR_RCE★ 9githubgithub.com/ridpath/CVE-2021-26828-Ultimate★ 5cve_referencepacketstormsecurity.com/files/162564/ScadaBR-1.0-1.1CE-Linux-Shell-Upload.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://forum.scadabr.com.br/t/report-falhas-de-seguranca-em-versoes-do-scadabr/3615/4http://packetstormsecurity.com/files/162564/ScadaBR-1.0-1.1CE-Linux-Shell-Upload.htmlhttps://github.com/SCADA-LTS/Scada-LTS/pull/2174https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26828https://youtu.be/k1teIStQr1A