CVE-2011-1565

Published Apr 5, 2011

Last updated 13 years ago

Overview

Description: Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-22

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:7t:igss:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16809388-2F66-409B-ACA0-6F662C940C5A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References