CNNVD-202508-2089 Information

CNNVD ID

CNNVD-202508-2089

Related CVE

CVE-2025-9139

• CNNVD Published: 2025-08-19

Description (Chinese)

Scada-LTS是Scada-LTS开源的一个开源、基于 web 的多平台解决方案。 Scada-LTS 2.7.8.1版本存在安全漏洞，该漏洞源于/Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr文件功能不当，可能导致信息泄露。

Description (English)

Scada-LTS is an open source, web-based multi-platform solution for Scada-LTS open source. There is a security loophole in version 2.7.8.1 of Scada-LTS, which stems from the inappropriate functionality of/Scada-LTS/dwr/call/ plaincall/watchListDwr.init.dwr files, which may lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Scada-LTS

Published

2025-08-19

Last Modified

2026-02-24

References

https://vuldb.com/?id.320519 https://vuldb.com/?submit.621062 https://github.com/CVE-Hunters/CVE/blob/main/Scada-LTS/Sensitive%20User%20Information%20Disclosure%20via%20WatchListDwr.init.dwr%20Endpoint.md#proof-of-concept-poc https://vuldb.com/?ctiid.320519 https://github.com/CVE-Hunters/CVE/blob/main/Scada-LTS/%20CVE-2025-9139.md https://access.redhat.com/security/cve/cve-2025-9139 https://nvd.nist.gov/vuln/detail/CVE-2025-9139