Vulnerability Description
cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intellicom | Netbiter Easyconnect Ec150 | All versions |
| Intellicom | Netbiter Modbus Rtu-Tcp Gateway Mb100 | All versions |
| Intellicom | Netbiter Serial Ethernet Server Ss100 | All versions |
| Intellicom | Netbiter Webscada Ws100 | All versions |
| Intellicom | Netbiter Webscada Ws200 | All versions |
| Intellicom | Netbiter Nb100 | All versions |
| Intellicom | Netbiter Nb200 | All versions |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.htmlExploit
- http://www.kb.cert.org/vuls/id/114560US Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdfUS Government Resource
- http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.htmlExploit
- http://www.kb.cert.org/vuls/id/114560US Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdfUS Government Resource
FAQ
What is CVE-2010-4732?
CVE-2010-4732 is a vulnerability with a CVSS score of 9.0 (HIGH). cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote au...
How severe is CVE-2010-4732?
CVE-2010-4732 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4732?
Check the references section above for vendor advisories and patch information. Affected products include: Intellicom Netbiter Easyconnect Ec150, Intellicom Netbiter Modbus Rtu-Tcp Gateway Mb100, Intellicom Netbiter Serial Ethernet Server Ss100, Intellicom Netbiter Webscada Ws100, Intellicom Netbiter Webscada Ws200.