Adem El Adeb

**Name of the Vulnerable Software and Affected Versions** InSAT MasterSCADA BUK-TS (affected versions not specified) **Description** InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Successful exploitation allows malicious users to potentially cause remote code execution. The issue does not require any privileges or user interaction and has a high impact on confidentiality, integrity, and availability. The vulnerable endpoint allows for this exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** InSAT MasterSCADA BUK-TS (affected versions not specified) **Description** All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its `MMadmServ` web interface. This flaw enables an attacker to execute arbitrary system commands remotely, potentially leading to full system compromise. The vulnerable component is the `MMadmServ` web interface. The vulnerability allows attackers to inject commands through a specific field. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.