1. Home
  2. CVE Database
  3. CVE-2013-1627
HIGH · 7.8

CVE-2013-1627

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in ...

Vulnerability Description

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:C/I:N/A:N
Confidentiality
COMPLETE
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
AdvantechAdvantech Studio6.1
IndusoftWeb Studio6.1

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2013-1627?

CVE-2013-1627 is a vulnerability with a CVSS score of 7.8 (HIGH). Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in ...

How severe is CVE-2013-1627?

CVE-2013-1627 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-1627?

Check the references section above for vendor advisories and patch information. Affected products include: Advantech Advantech Studio, Indusoft Web Studio.