CVE-2021-26828CISA KEV: Actively Exploited

OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

Published Dec 3, 2025·Updated Dec 3, 2025

Description

OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.

Public Exploits & PoCs2 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free