Untrusted search path vulnerability in Installer of INplc SDK Express 3.08 and earlier and Installer of INplc SDK Pro+ 3.08 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mnc | inplc-rt_sdk_express | * |
| mnc | inplc_sdk_pro+ | * |
Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service (DoS) condition that may result in executing arbtrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mnc | inplc-rt | * |
INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0670.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mnc | inplc-rt | * |
INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0669.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mnc | inplc-rt | * |
Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows an attacker with administrator rights to execute arbitrary code on the Windows system via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mnc | inplc-rt | * |