Browse all 6 CVE security advisories affecting Ecava. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ecava develops automation and IT management software, primarily used for network monitoring and system control. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. While no major public security incidents have been widely documented, the six CVEs on record highlight recurring issues in authentication mechanisms and insecure default configurations. Their software typically requires network exposure, increasing attack surface for potential exploitation. Security researchers have noted that some vulnerabilities allow unauthenticated attackers to execute arbitrary code or gain elevated privileges, particularly in older versions of their flagship products.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2014-2375 | Ecava IntegraXor SCADA Server External Control of File Name or Path — IntegraXor SCADA ServerCWE-73 | 9.8 | - | 2014-09-15 |
| CVE-2014-2376 | Ecava IntegraXor SCADA Server SQL Injection — IntegraXor SCADA ServerCWE-89 | 9.8 | - | 2014-09-15 |
| CVE-2014-2377 | Ecava IntegraXor SCADA Server Information Exposure Through Environmental Variables — IntegraXor SCADA ServerCWE-526 | 5.3 | - | 2014-09-15 |
This page lists every published CVE security advisory associated with Ecava. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.