CVE-2025-9139 | Scada-LTS 2.7.8.1 WatchListDwr.init.dwr information disclosure

A vulnerability, which was classified as problematic, was found in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Executing manipulation can lead to information disclosure.

This vulnerability appears as CVE-2025-9139. The attack may be performed from a remote location. In addition, an exploit is available.

The vendor explains: “[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities – the overall risk change to the user due to malicious admin actions will not be lower.”

CVE-2025-9139 | Scada-LTS 2.7.8.1 WatchListDwr.init.dwr information disclosure

Post correlati

CVE-2024-2976 | Tenda F1203 2.0.1.6 /goform/execCommand R7WebsSecurityHandler password stack-based overflow

CVE-2024-3886 | tagDiv Composer Plugin up to 5.0 on WordPress envato_code[] cross site scripting

CVE-2024-46531 | PHPGurukul Vehicle Record Management System 1.0 /index.php searchinputdata sql injection

CVE-2023-34385 | Akshay Menariya Export Import Menus Plugin up to 1.8.0 on WordPress unrestricted upload