Published: 25/08/2017 Updated: 27/07/2021

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 695

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

An Unquoted Search Path or Element issue exists in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may allow a non-privileged local malicious user to change files in the installation directory and execute arbitrary code with elevated privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
automatedlogic sitescan web
carrier automatedlogic webctrl
automatedlogic i-vu

Automated Logic WebCTRL 65 Insecure File Permissions Privilege Escalation Vendor: Automated Logic Corporation Product web page: wwwautomatedlogiccom Affected version: ALC WebCTRL, i-Vu, SiteScan Web 65 and prior ALC WebCTRL, SiteScan Web 61 and prior ALC WebCTRL, i-Vu 60 and prior ...

Automated Logic WebCTRL version 65 suffers from an insecure file permission privilege escalation vulnerability ...

CWE-428 https://ics-cert.us-cert.gov/advisories/ICSA-17-234-01 https://www.exploit-db.com/exploits/42542/http://www.securityfocus.com/bid/100454 https://nvd.nist.gov https://www.exploit-db.com/exploits/42542/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-9644

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect