Browse all 9 CVE security advisories affecting Elcomplus. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Elcomplus develops enterprise resource planning (ERP) and supply chain management software primarily for manufacturing and distribution sectors. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. While no major public security incidents have been widely documented, the nine CVEs attributed to their products highlight recurring issues in access controls and data handling. Their software typically requires network exposure, increasing attack surface for potential exploitation. Organizations using Elcomplus solutions should prioritize timely patching and harden configurations against common web application threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-2106 | Elcomplus SmartICS Path Traversal — SmartICSCWE-23 | 3.8 | Low | 2022-06-27 |
| CVE-2022-2140 | Elcomplus SmartICS Cross-site Scripting — SmartICSCWE-79 | 8.8 | High | 2022-06-27 |
| CVE-2022-2088 | Elcomplus SmartICS Access Control — SmartICSCWE-284 | 6.8 | Medium | 2022-06-27 |
| CVE-2021-43938 | Elcomplus SmartPTT SCADA Server Information Exposure — SmartPTT SCADA ServerCWE-200 | 8.1 | High | 2022-04-29 |
| CVE-2021-43937 | Elcomplus SmartPTT SCADA Server Cross-site Request Forgery — SmartPTT SCADA ServerCWE-200 | 7.6 | High | 2022-04-29 |
| CVE-2021-43939 | Elcomplus SmartPtt Improper Authorization — SmartPTTCWE-285 | 8.8 | High | 2022-04-28 |
| CVE-2021-43932 | Elcomplus SmartPtt Cross-site Scripting — SmartPTTCWE-79 | 9.0 | Critical | 2022-04-28 |
| CVE-2021-43934 | Elcomplus SmartPtt Unrestricted Upload of File with Dangerous Type — SmartPTTCWE-434 | 9.8 | Critical | 2022-04-28 |
| CVE-2021-43930 | Elcomplus SmartPtt Path Traversal — SmartPTTCWE-22 | 4.9 | Medium | 2022-04-28 |
This page lists every published CVE security advisory associated with Elcomplus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.