Published: 25/04/2014 Updated: 16/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote malicious users to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests.

Vulnerable Product	Search on Vulmon	Subscribe to Product
indusoft web studio
indusoft web studio 7.1

require 'msf/core' class MetasploitModule < Msf::Auxiliary Rank = GreatRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'Indusoft Web Studio Directory Traversal', 'Description' => %q{ This module exploits a flaw found in Indusoft Web Studio <= ...

CWE-22 http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02 http://www.securityfocus.com/bid/67056 https://www.exploit-db.com/exploits/42699/https://nvd.nist.gov https://www.exploit-db.com/exploits/42699/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-0780

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect