CVE-2010-4732
Published Feb 15, 2011
Last updated 14 years ago
Overview
- Description
- cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC537D95-3DCD-4FD8-9CCE-61F70A818F4C"
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DBABB5F-235A-427D-B13E-7DCBFE7A4337"
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFD64BF7-5945-4CDE-84E3-D872081CB42F"
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B"
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD774110-E3E9-4A65-9B8D-5A62B0AEB410"
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "769218F4-5A0A-42E6-8DB4-F133AF5741E8"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]