Vulnerability Description
Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge Fanuc | Proficy Real-Time Information Portal | <= 2.6 |
References
- http://secunia.com/advisories/28678Vendor Advisory
- http://securityreason.com/securityalert/3591
- http://support.gefanuc.com/support/index?page=kbchannel&id=KB12460
- http://www.kb.cert.org/vuls/id/339345US Government Resource
- http://www.securityfocus.com/archive/1/487079/100/0/threaded
- http://www.securityfocus.com/archive/1/487242/100/0/threaded
- http://www.securityfocus.com/bid/27446
- http://www.securitytracker.com/id?1019274
- http://www.vupen.com/english/advisories/2008/0307/references
- http://secunia.com/advisories/28678Vendor Advisory
- http://securityreason.com/securityalert/3591
- http://support.gefanuc.com/support/index?page=kbchannel&id=KB12460
- http://www.kb.cert.org/vuls/id/339345US Government Resource
- http://www.securityfocus.com/archive/1/487079/100/0/threaded
- http://www.securityfocus.com/archive/1/487242/100/0/threaded
FAQ
What is CVE-2008-0175?
CVE-2008-0175 is a vulnerability with a CVSS score of 7.5 (HIGH). Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extensi...
How severe is CVE-2008-0175?
CVE-2008-0175 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0175?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Fanuc Proficy Real-Time Information Portal.