Vulnerability Description
Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intellicom | Netbiter Easyconnect Ec150 | All versions |
| Intellicom | Netbiter Modbus Rtu-Tcp Gateway Mb100 | All versions |
| Intellicom | Netbiter Serial Ethernet Server Ss100 | All versions |
| Intellicom | Netbiter Webscada Ws100 | All versions |
| Intellicom | Netbiter Webscada Ws200 | All versions |
| Intellicom | Netbiter Nb100 | All versions |
| Intellicom | Netbiter Nb200 | All versions |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.htmlExploit
- http://www.kb.cert.org/vuls/id/114560US Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdfUS Government Resource
- http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.htmlExploit
- http://www.kb.cert.org/vuls/id/114560US Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdfUS Government Resource
FAQ
What is CVE-2010-4731?
CVE-2010-4731 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter N...
How severe is CVE-2010-4731?
CVE-2010-4731 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4731?
Check the references section above for vendor advisories and patch information. Affected products include: Intellicom Netbiter Easyconnect Ec150, Intellicom Netbiter Modbus Rtu-Tcp Gateway Mb100, Intellicom Netbiter Serial Ethernet Server Ss100, Intellicom Netbiter Webscada Ws100, Intellicom Netbiter Webscada Ws200.