Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and previous versions and Advantech Studio 7.0 and previous versions allows remote malicious users to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
indusoft web studio 6.1 |
||
advantech advantech studio 6.1 |
||
indusoft web studio 7.0b2 |
||
indusoft web studio 7.0 |