You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
webctrl vulnerabilities
About this tag
WebCTRL vulnerabilities discussed on WindowsForum include open redirect and cross-site scripting (XSS) flaws in Automated Logic's WebCTRL Premium Server, tracked as CVE-2024-8527 and CVE-2024-8528. These high-severity issues can be exploited to phish operators, inject malicious scripts into administrator browsers, and contribute to larger attack chains targeting building automation and ICS environments. The vendor recommends upgrading to WebCTRL 9.0 to remediate these vulnerabilities. Discussions focus on the technical details, CVSS ratings, and mitigation steps for affected systems.
Automated Logic’s WebCTRL Premium Server has been confirmed vulnerable to an open redirect and a cross‑site scripting (XSS) flaw — tracked as CVE‑2024‑8527 and CVE‑2024‑8528 — that together can be abused to phish operators, deliver malicious scripts into administrator browsers, and form...