Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2013-1627

Published: 11/03/2013 Updated: 18/03/2013
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Web Studio

Vulnerability Summary

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and previous versions and Advantech Studio 7.0 and previous versions allows remote malicious users to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

Vulnerable Product Search on Vulmon Subscribe to Product

indusoft web studio 6.1

advantech advantech studio 6.1

indusoft web studio 7.0b2

indusoft web studio 7.0

Exploits

Exploit DB: Advantech Studio 7.0 - SCADA/HMI Directory Traversal
# Exploit Title: Advantech Studio v70 SCADA/HMI Directory Traversal 0-day # Google Dork: N/A # Date: 2012-12-03 # Exploit Author: Nin3 # Vendor Homepage: advantechcomtw # Version: 70 Build Number 0501111104020000 # Tested on: Windows # CVE : N/A ''' Advantech Studio v70 SCADA/HMI has a built in web server NTWebServerexe, the web se ...

References

CWE-22http://ics-cert.us-cert.gov/pdf/ICSA-13-067-01.pdfhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/23132/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook