Security for everyone

CVE-2015-6477 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Nordex Control 2 (NC2) affects v. 16 and earlier.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one




Nordex Control 2 (NC2) is a Supervisory Control and Data Acquisition (SCADA) system used in wind farms to monitor and control wind turbines. The system is designed to maintain optimal performance of wind turbines and to ensure that energy generated from the wind farm is delivered safely to the electrical grid. Nordex Control 2 is a critical component of the wind farm as without it; the performance and security of the whole wind farm may be affected.

One of the vulnerabilities detected in the Nordex Control 2 system is the CVE-2015-6477. This vulnerability occurs when multiple cross-site scripting (XSS) vulnerabilities are uncovered, potentially allowing remote attackers to inject arbitrary web scripts or HTML via unspecified vectors. Exploitation of these vulnerabilities can eventually result in unauthorized access to the SCADA system.

When the vulnerability is exploited, it can lead to severe consequences. Attackers can gain unauthorized access to the SCADA system, manipulate the turbines, and cause system failures, leading to significant losses. Furthermore, the attackers can steal sensitive information, such as operational data, network configurations, and other system-related information, potentially causing further damage to the wind farm.

In conclusion, the Nordex Control 2 (NC2) SCADA system is an essential component of wind farms designed to maintain optimal performance and safety. However, multiple vulnerabilities such as CVE-2015-6477 can create significant issues, with potential consequences ranging from unauthorized access to information theft. By following security best practices, organizations can protect against these vulnerabilities and ensure that their digital assets remain secure. Additionally, the platform provides an excellent place to learn about vulnerabilities and stay informed on emerging risks.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture