Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
17 vulnerabilities by intellicom
VAR-200912-0340
Vulnerability from variot - Updated: 2024-01-18 22:49Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords. The IntelliCom NetBiter Config HICP configuration utility has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. IntelliCom Provided by NetBiter The password set on the device at the factory may be used by a remote third party. IntelliCom Provided by NetBiter The device is Ethernet and IP To configure network settings HICP The protocol is used. NetBiter The device is factory set HICP The password for can be obtained by methods other than the product documentation.Without changing from the factory password NetBiter When operating the device, the remote third party who obtained the password may change the network settings or change the password. HICP Access to the service may be disrupted. Also, HICP Since passwords are transmitted in clear text, the password may be intercepted by a third party intercepting the communication. Successful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. NOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Netbiter Webscada Firmware is prone to a denial-of-service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0340",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.9,
"vendor": "intellicom",
"version": "3.13.2"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.9,
"vendor": "intellicom",
"version": "3.13.1"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.9,
"vendor": "intellicom",
"version": "3.12.4"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.9,
"vendor": "intellicom",
"version": "3.30.1"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.9,
"vendor": "intellicom",
"version": "3.12.6"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.9,
"vendor": "intellicom",
"version": "3.11.2"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "3.30.2"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "3.20.0"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "3.13.0"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "3.30.0"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.3,
"vendor": "intellicom",
"version": "3.11.1"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "3.11.0"
},
{
"model": "netbiter webscada ws100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter webscada ws200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter webscada",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "innovation netbiter webscada ws200",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiter webscada ws100",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "netbiter webscada ws200",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "netbiter webscada ws100",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "3.30"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "3.20"
},
{
"model": "netbiter webscada",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "3.11"
},
{
"model": "netbiter webscada b184",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "3.30.2"
},
{
"model": "netbiter webscada beta",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "3.13.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "79166"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.13.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.30.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.20.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.30.2:b184:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.30.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta",
"sources": [
{
"db": "BID",
"id": "37328"
}
],
"trust": 0.3
},
"cve": "CVE-2009-4463",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-4463",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41909",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-4463",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#181737",
"trust": 0.8,
"value": "0.48"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-402",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41909",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2009-4463",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41909"
},
{
"db": "VULMON",
"id": "CVE-2009-4463"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords. The IntelliCom NetBiter Config HICP configuration utility has a buffer overflow vulnerability that can be triggered by a specially crafted hostname (hn) value. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. IntelliCom Provided by NetBiter The password set on the device at the factory may be used by a remote third party. IntelliCom Provided by NetBiter The device is Ethernet and IP To configure network settings HICP The protocol is used. NetBiter The device is factory set HICP The password for can be obtained by methods other than the product documentation.Without changing from the factory password NetBiter When operating the device, the remote third party who obtained the password may change the network settings or change the password. HICP Access to the service may be disrupted. Also, HICP Since passwords are transmitted in clear text, the password may be intercepted by a third party intercepting the communication. \nSuccessful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. \nNOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Netbiter Webscada Firmware is prone to a denial-of-service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4463"
},
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "79166"
},
{
"db": "VULHUB",
"id": "VHN-41909"
},
{
"db": "VULMON",
"id": "CVE-2009-4463"
}
],
"trust": 3.78
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#902793",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2009-4463",
"trust": 2.9
},
{
"db": "OSVDB",
"id": "61506",
"trust": 2.8
},
{
"db": "BID",
"id": "37328",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#181737",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-402",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20091214 EXPOSING HMS HICP PROTOCOL + INTELLICOM NETBITERCONFIG.EXE REMOTE BUFFER OVERFLOW (NOT PATCHED)",
"trust": 0.6
},
{
"db": "BID",
"id": "79166",
"trust": 0.5
},
{
"db": "VULHUB",
"id": "VHN-41909",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-4463",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41909"
},
{
"db": "VULMON",
"id": "CVE-2009-4463"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "79166"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"id": "VAR-200912-0340",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41909"
}
],
"trust": 0.01
},
"last_update_date": "2024-01-18T22:49:38.783000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ISFR-4404-0008",
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=151\u0026fpid=113"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41909"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.9,
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026itemid=1"
},
{
"trust": 2.8,
"url": "http://blog.48bits.com/?p=781"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"trust": 2.6,
"url": "http://support.intellicom.se/getfile.cfm?fid=151"
},
{
"trust": 2.0,
"url": "http://www.osvdb.org/61506"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/508449/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://osvdb.com/show/osvdb/61506"
},
{
"trust": 0.8,
"url": "http://www.hms.se/products/prodindex.shtml"
},
{
"trust": 0.8,
"url": "http://www.anybus.com/products/abxsstech.shtml"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se/news.cfm?nwid=33"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=150"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/37328"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4463"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu902793/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4463"
},
{
"trust": 0.3,
"url": "http://www.intellicom.se/"
},
{
"trust": 0.3,
"url": "http://www.intellicom.se/webscada.cfm"
},
{
"trust": 0.3,
"url": "/archive/1/508449"
},
{
"trust": 0.1,
"url": "http://reversemode.com/index.php?option=com_content\u0026amp;task=view\u0026amp;id=65\u0026amp;itemid=1"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/255.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/79166"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41909"
},
{
"db": "VULMON",
"id": "CVE-2009-4463"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "79166"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41909"
},
{
"db": "VULMON",
"id": "CVE-2009-4463"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "79166"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-06T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-24T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2009-12-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41909"
},
{
"date": "2009-12-30T00:00:00",
"db": "VULMON",
"id": "CVE-2009-4463"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37328"
},
{
"date": "2009-12-30T00:00:00",
"db": "BID",
"id": "79166"
},
{
"date": "2010-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"date": "2009-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"date": "2009-12-30T20:00:01.170000",
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-29T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-26T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-41909"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULMON",
"id": "CVE-2009-4463"
},
{
"date": "2010-04-06T17:32:00",
"db": "BID",
"id": "37328"
},
{
"date": "2009-12-30T00:00:00",
"db": "BID",
"id": "79166"
},
{
"date": "2010-04-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001345"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-402"
},
{
"date": "2018-10-10T19:49:13.103000",
"db": "NVD",
"id": "CVE-2009-4463"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "79166"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IntelliCom NetBiter devices have default HICP passwords",
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-402"
}
],
"trust": 0.6
}
}
VAR-200912-0339
Vulnerability from variot - Updated: 2023-12-18 13:53Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. Successful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. NOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0339",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiterconfig",
"scope": "eq",
"trust": 1.6,
"vendor": "intellicom",
"version": "1.3.0"
},
{
"model": "netbiter config",
"scope": "lt",
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": "1.3.1 earlier"
},
{
"model": "innovation netbiter webscada ws200",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiter webscada ws100",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiterconfig.exe",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "1.3"
},
{
"model": "innovation netbiterconfig.exe",
"scope": "ne",
"trust": 0.3,
"vendor": "intellicom",
"version": "1.3.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intellicom:netbiterconfig:1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
}
],
"trust": 0.6
},
"cve": "CVE-2009-4462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-4462",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-41908",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-4462",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#181737",
"trust": 0.8,
"value": "0.48"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-401",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41908",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. IntelliCom NetBiter devices ship with default passwords for the HICP network configuration service. An attacker with network access could exploit this vulnerability to execute arbitrary code with the privileges of the user running NetBiter Config. \nSuccessful exploits may allow attackers to gain privileged access to the device or network; other attacks may also be possible. \nNOTE: This BID is being retired as it has been determined to not be a vulnerability. The default password and instructions on changing it are detailed in the product documentation. Intellicom \u0027NetBiterConfig.exe\u0027 is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "VULHUB",
"id": "VHN-41908"
}
],
"trust": 3.69
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-41908",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#181737",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2009-4462",
"trust": 2.8
},
{
"db": "VUPEN",
"id": "ADV-2009-3542",
"trust": 2.5
},
{
"db": "BID",
"id": "37325",
"trust": 2.2
},
{
"db": "CERT/CC",
"id": "VU#902793",
"trust": 1.1
},
{
"db": "BID",
"id": "37328",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "61506",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20091214 EXPOSING HMS HICP PROTOCOL + INTELLICOM NETBITERCONFIG.EXE REMOTE BUFFER OVERFLOW (NOT PATCHED)",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "33403",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "10451",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-86625",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-41908",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"id": "VAR-200912-0339",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:42.698000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ISFR-4404-0007",
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026fpid=85"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.8,
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026itemid=1"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/3542"
},
{
"trust": 2.2,
"url": "http://www.kb.cert.org/vuls/id/181737"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/37325"
},
{
"trust": 1.6,
"url": "http://blog.48bits.com/?p=781"
},
{
"trust": 1.1,
"url": "http://support.intellicom.se/getfile.cfm?fid=151"
},
{
"trust": 1.1,
"url": "http://support.intellicom.se/news.cfm?nwid=33"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://blog.48bits.com/2009/12/12/exposing-hms-hicp-protocol-0day-light/"
},
{
"trust": 1.0,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026fpid=85"
},
{
"trust": 0.8,
"url": "http://osvdb.com/show/osvdb/61506"
},
{
"trust": 0.8,
"url": "http://www.hms.se/products/prodindex.shtml"
},
{
"trust": 0.8,
"url": "http://www.anybus.com/products/abxsstech.shtml"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se/getfile.cfm?fid=150"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/37328"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4462"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu181737/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4462"
},
{
"trust": 0.6,
"url": "http://www.intellicom.se/"
},
{
"trust": 0.6,
"url": "/archive/1/508449"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/508449/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"trust": 0.3,
"url": "http://www.intellicom.se/webscada.cfm"
},
{
"trust": 0.1,
"url": "http://support.intellicom.se/getfile.cfm?fid=150\u0026amp;fpid=85"
},
{
"trust": 0.1,
"url": "http://reversemode.com/index.php?option=com_content\u0026amp;task=view\u0026amp;id=65\u0026amp;itemid=1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#902793"
},
{
"db": "CERT/CC",
"id": "VU#181737"
},
{
"db": "VULHUB",
"id": "VHN-41908"
},
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-06T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-24T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2009-12-30T00:00:00",
"db": "VULHUB",
"id": "VHN-41908"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37328"
},
{
"date": "2009-12-14T00:00:00",
"db": "BID",
"id": "37325"
},
{
"date": "2010-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"date": "2009-12-30T20:00:01.157000",
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"date": "2009-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-29T00:00:00",
"db": "CERT/CC",
"id": "VU#902793"
},
{
"date": "2010-03-26T00:00:00",
"db": "CERT/CC",
"id": "VU#181737"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-41908"
},
{
"date": "2010-04-06T17:32:00",
"db": "BID",
"id": "37328"
},
{
"date": "2010-03-25T16:42:00",
"db": "BID",
"id": "37325"
},
{
"date": "2010-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001236"
},
{
"date": "2018-10-10T19:49:12.573000",
"db": "NVD",
"id": "CVE-2009-4462"
},
{
"date": "2011-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "37328"
},
{
"db": "BID",
"id": "37325"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IntelliCom NetBiter devices have default HICP passwords",
"sources": [
{
"db": "CERT/CC",
"id": "VU#902793"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-401"
}
],
"trust": 0.6
}
}
VAR-201102-0197
Vulnerability from variot - Updated: 2023-12-18 13:25Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter NB100 and NB200 Multiple running on the platform IntelliCom Product cgi-bin/read.cgi Contains a directory traversal vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0197",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbiter webscada ws100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter easyconnect ec150",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter webscada ws200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter serial ethernet server ss100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter easy connect ec150",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter modbus rtu - tcp gateway mb100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter nb200",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter easyconnect ec150",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter easyconnect ec150",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter modbus rtu tcp gateway mb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter serial ethernet server ss100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter webscada ws100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter webscada ws200",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter nb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter nb200",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4730"
}
]
},
"cve": "CVE-2010-4730",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4730",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2011-6679",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "47bc253a-2355-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-47335",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4730",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#114560",
"trust": 0.8,
"value": "1.68"
},
{
"author": "CNVD",
"id": "CNVD-2011-6679",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-225",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-47335",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "VULHUB",
"id": "VHN-47335"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter NB100 and NB200 Multiple running on the platform IntelliCom Product cgi-bin/read.cgi Contains a directory traversal vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-47335"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4730",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-10-316-01A",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#114560",
"trust": 3.3
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2011-6679",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20101001 [STANKOINFORMZASCHITA-10-01] NETBITER, WEBSCADA MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D7B090F-463F-11E9-91E5-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "47BC253A-2355-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-47335",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "VULHUB",
"id": "VHN-47335"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"id": "VAR-201102-0197",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "VULHUB",
"id": "VHN-47335"
}
],
"trust": 1.57916666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
}
]
},
"last_update_date": "2023-12-18T13:25:14.417000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"title": "WebSCADA multiple products cgi-bin/read.cgi directory traversal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/36987"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47335"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "NVD",
"id": "CVE-2010-4730"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-316-01a.pdf"
},
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4730"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu114560"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4730"
},
{
"trust": 0.6,
"url": "http://web.nvd.nist.gov/view/vuln/search-results?query=cve-2010-4730"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "VULHUB",
"id": "VHN-47335"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "VULHUB",
"id": "VHN-47335"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"date": "2011-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47335"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"date": "2011-02-15T01:00:01.477000",
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47335"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001681"
},
{
"date": "2011-02-15T05:00:00",
"db": "NVD",
"id": "CVE-2010-4730"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebSCADA Multiple products cgi-bin/read.cgi Directory Traversal Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-6679"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "7d7b090f-463f-11e9-91e5-000c29342cb1"
},
{
"db": "IVD",
"id": "47bc253a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-225"
}
],
"trust": 1.0
}
}
VAR-201102-0174
Vulnerability from variot - Updated: 2023-12-18 13:25WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter NB100 and NB200 There are multiple vulnerabilities in products that run on the platform, including directory traversal. Other NB100 and NB200 Products that run on the platform may also be affected.By a third party with access to the product, superadmin Authority (Netbiter Top-level permissions ) By acquiring, system files and configuration files may be browsed. In addition, an arbitrary command may be executed by uploading malicious code. A remote attacker can gain access to the super administrator through the web interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0174",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbiter webscada ws100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter easyconnect ec150",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter webscada ws200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter serial ethernet server ss100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter easy connect ec150",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter modbus rtu - tcp gateway mb100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "ws200",
"scope": null,
"trust": 0.6,
"vendor": "webscada",
"version": null
},
{
"model": "ws100",
"scope": null,
"trust": 0.6,
"vendor": "webscada",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter easyconnect ec150",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter easyconnect ec150",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter modbus rtu tcp gateway mb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter serial ethernet server ss100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter webscada ws100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter webscada ws200",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter nb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter nb200",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4733"
}
]
},
"cve": "CVE-2010-4733",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4733",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2011-6676",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "4869abe2-2355-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-47338",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4733",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#114560",
"trust": 0.8,
"value": "1.68"
},
{
"author": "CNVD",
"id": "CNVD-2011-6676",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-228",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-47338",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "VULHUB",
"id": "VHN-47338"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter NB100 and NB200 There are multiple vulnerabilities in products that run on the platform, including directory traversal. Other NB100 and NB200 Products that run on the platform may also be affected.By a third party with access to the product, superadmin Authority (Netbiter Top-level permissions ) By acquiring, system files and configuration files may be browsed. In addition, an arbitrary command may be executed by uploading malicious code. A remote attacker can gain access to the super administrator through the web interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-47338"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4733",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-10-316-01A",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#114560",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2011-6676",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20101001 [STANKOINFORMZASCHITA-10-01] NETBITER, WEBSCADA MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "IVD",
"id": "4869ABE2-2355-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7B301E-463F-11E9-BB33-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-47338",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "VULHUB",
"id": "VHN-47338"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"id": "VAR-201102-0174",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "VULHUB",
"id": "VHN-47338"
}
],
"trust": 1.926388886666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
}
]
},
"last_update_date": "2023-12-18T13:25:14.375000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Netbiter webSCADA WS100 - Support",
"trust": 0.8,
"url": "http://support.intellicom.se/dynpage.cfm?fpid=85\u0026catid=93\u0026subcatid=297"
},
{
"title": "Intellicom Innovation AB - SUPPORT",
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"title": "WebSCADA patch for multiple product weak password vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/37313"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47338"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "NVD",
"id": "CVE-2010-4733"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-316-01a.pdf"
},
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4733"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4733"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu114560"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/114560"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "VULHUB",
"id": "VHN-47338"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "VULHUB",
"id": "VHN-47338"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"date": "2011-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47338"
},
{
"date": "2011-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"date": "2011-02-15T01:00:01.853000",
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47338"
},
{
"date": "2011-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001155"
},
{
"date": "2011-02-15T05:00:00",
"db": "NVD",
"id": "CVE-2010-4733"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebSCADA Multiple Product Weak Password Vulnerabilities",
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-6676"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Trust management",
"sources": [
{
"db": "IVD",
"id": "4869abe2-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301e-463f-11e9-bb33-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-228"
}
],
"trust": 1.0
}
}
VAR-201102-0172
Vulnerability from variot - Updated: 2023-12-18 13:25Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. IntelliCom NetBiter NB100 and NB200 Multiple running on the platform IntelliCom Product cgi-bin/read.cgi Is An absolute path traversal vulnerability exists
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0172",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbiter webscada ws100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter easyconnect ec150",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter webscada ws200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter serial ethernet server ss100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter easy connect ec150",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter modbus rtu - tcp gateway mb100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "ws200",
"scope": null,
"trust": 0.6,
"vendor": "webscada",
"version": null
},
{
"model": "ws100",
"scope": null,
"trust": 0.6,
"vendor": "webscada",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter easyconnect ec150",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter easyconnect ec150",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter modbus rtu tcp gateway mb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter serial ethernet server ss100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter webscada ws100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter webscada ws200",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter nb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netbiter nb200",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4731"
}
]
},
"cve": "CVE-2010-4731",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4731",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2011-6678",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "47a1985a-2355-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-47336",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4731",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#114560",
"trust": 0.8,
"value": "1.68"
},
{
"author": "CNVD",
"id": "CNVD-2011-6678",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-226",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-47336",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "VULHUB",
"id": "VHN-47336"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. IntelliCom NetBiter NB100 and NB200 Multiple running on the platform IntelliCom Product cgi-bin/read.cgi Is An absolute path traversal vulnerability exists",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-47336"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#114560",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2010-4731",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-10-316-01A",
"trust": 3.3
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2011-6678",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20101001 [STANKOINFORMZASCHITA-10-01] NETBITER, WEBSCADA MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "IVD",
"id": "47A1985A-2355-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-47336",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "VULHUB",
"id": "VHN-47336"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"id": "VAR-201102-0172",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "VULHUB",
"id": "VHN-47336"
}
],
"trust": 1.7263888866666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
}
]
},
"last_update_date": "2023-12-18T13:25:14.338000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"title": "WebSCADA multiple products cgi-bin/read.cgi absolute path traversal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/37315"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47336"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "NVD",
"id": "CVE-2010-4731"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-316-01a.pdf"
},
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4731"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu114560"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4731"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "VULHUB",
"id": "VHN-47336"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "VULHUB",
"id": "VHN-47336"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"date": "2011-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47336"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"date": "2011-02-15T01:00:01.603000",
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47336"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001683"
},
{
"date": "2011-02-15T05:00:00",
"db": "NVD",
"id": "CVE-2010-4731"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebSCADA Multiple products cgi-bin/read.cgi Absolute path traversal vulnerability",
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-6678"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "47a1985a-2355-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-226"
}
],
"trust": 0.8
}
}
VAR-201102-0173
Vulnerability from variot - Updated: 2023-12-18 13:25cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. IntelliCom NetBiter NB100 and NB200 Multiple running on the platform IntelliCom Product cgi-bin/read.cgi Is A vulnerability that allows arbitrary code execution exists
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbiter webscada ws100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter easyconnect ec150",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter webscada ws200",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter serial ethernet server ss100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": "netbiter nb100",
"scope": "eq",
"trust": 1.0,
"vendor": "intellicom",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter easy connect ec150",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter modbus rtu - tcp gateway mb100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.8,
"vendor": "intellicom innovation ab",
"version": null
},
{
"model": "ws200",
"scope": null,
"trust": 0.6,
"vendor": "webscada",
"version": null
},
{
"model": "ws100",
"scope": null,
"trust": 0.6,
"vendor": "webscada",
"version": null
},
{
"model": "netbiter webscada ws200",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter easyconnect ec150",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter serial ethernet server ss100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter modbus rtu-tcp gateway mb100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "netbiter webscada ws100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter easyconnect ec150",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter modbus rtu tcp gateway mb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter serial ethernet server ss100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter webscada ws100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter webscada ws200",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter nb100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "netbiter nb200",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4732"
}
]
},
"cve": "CVE-2010-4732",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4732",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2011-6677",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "480401ac-2355-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d7b301f-463f-11e9-9040-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-47337",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4732",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#114560",
"trust": 0.8,
"value": "1.68"
},
{
"author": "CNVD",
"id": "CNVD-2011-6677",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-227",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-47337",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "VULHUB",
"id": "VHN-47337"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463. IntelliCom NetBiter products based on the NB100 and NB200 platforms contain multiple vulnerabilities. IntelliCom NetBiter NB100 and NB200 Multiple running on the platform IntelliCom Product cgi-bin/read.cgi Is A vulnerability that allows arbitrary code execution exists",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "VULHUB",
"id": "VHN-47337"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#114560",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2010-4732",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-10-316-01A",
"trust": 3.3
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2011-6677",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20101001 [STANKOINFORMZASCHITA-10-01] NETBITER, WEBSCADA MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "IVD",
"id": "480401AC-2355-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7B301F-463F-11E9-9040-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-47337",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "VULHUB",
"id": "VHN-47337"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"id": "VAR-201102-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "VULHUB",
"id": "VHN-47337"
}
],
"trust": 1.926388886666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
}
]
},
"last_update_date": "2023-12-18T13:25:14.298000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"title": "Patch for multiple cSC-bin/read.cgi remote code execution vulnerabilities in WebSCADA",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/37314"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-47337"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "NVD",
"id": "CVE-2010-4732"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-10-316-01a.pdf"
},
{
"trust": 3.1,
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"trust": 0.8,
"url": "http://support.intellicom.se"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4732"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu114560"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4732"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "VULHUB",
"id": "VHN-47337"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CERT/CC",
"id": "VU#114560"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "VULHUB",
"id": "VHN-47337"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"date": "2011-02-16T00:00:00",
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"date": "2011-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47337"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"date": "2011-02-15T01:00:01.727000",
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "CERT/CC",
"id": "VU#114560"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"date": "2011-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-47337"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-001682"
},
{
"date": "2011-02-15T05:00:00",
"db": "NVD",
"id": "CVE-2010-4732"
},
{
"date": "2011-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebSCADA Multiple products cgi-bin/read.cgi Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-6677"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
],
"trust": 1.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "480401ac-2355-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7b301f-463f-11e9-9040-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-227"
}
],
"trust": 1.0
}
}
VAR-201010-0437
Vulnerability from variot - Updated: 2022-05-17 02:07Intellicom NetBiter is a hardware device that is managed using the WebSCADA protocol. The Intellicom Netbiter webSCADA product 'read.cgi' has multiple security vulnerabilities that allow attackers to obtain sensitive information. - Local files are available through directory traversal attacks: /cgi-bin/read.cgi?page=../../../../../../../../../.. /../etc/passwd%00- can submit the following request for sensitive information: /cgi-bin/read.cgi?file=/home/config/users.cfg - by injecting a specially constructed GIF image on the LOGO page modification Upload malicious code: /cgi-bin/read.cgi?page=config.html&file=/home/config/pages/2.conf§ion=PAGE2GIF Hide malicious code in image content for SCADA server management and unauthorized OS command execution. An attacker can exploit these issues to upload and execute arbitrary script code on an affected computer with the privileges of the webserver process, view arbitrary local files, or obtain sensitive data that can aid in further attacks. Netbiter webSCADA WS100 and Netbiter webSCADA WS200 are vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201010-0437",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "innovation netbiter webscada ws200/ws100",
"scope": null,
"trust": 0.6,
"vendor": "intellicom",
"version": null
},
{
"model": "innovation netbiter webscada ws200/ws100",
"scope": "eq",
"trust": 0.4,
"vendor": "intellicom",
"version": "*"
},
{
"model": "innovation netbiter webscada ws200",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
},
{
"model": "innovation netbiter webscada ws100",
"scope": "eq",
"trust": 0.3,
"vendor": "intellicom",
"version": "0"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"db": "BID",
"id": "43636"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eugene Salov and Andrej Komarov",
"sources": [
{
"db": "BID",
"id": "43636"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intellicom NetBiter is a hardware device that is managed using the WebSCADA protocol. The Intellicom Netbiter webSCADA product \u0027read.cgi\u0027 has multiple security vulnerabilities that allow attackers to obtain sensitive information. - Local files are available through directory traversal attacks: /cgi-bin/read.cgi?page=../../../../../../../../../.. /../etc/passwd%00- can submit the following request for sensitive information: /cgi-bin/read.cgi?file=/home/config/users.cfg - by injecting a specially constructed GIF image on the LOGO page modification Upload malicious code: /cgi-bin/read.cgi?page=config.html\u0026file=/home/config/pages/2.conf\u0026section=PAGE2GIF Hide malicious code in image content for SCADA server management and unauthorized OS command execution. \nAn attacker can exploit these issues to upload and execute arbitrary script code on an affected computer with the privileges of the webserver process, view arbitrary local files, or obtain sensitive data that can aid in further attacks. \nNetbiter webSCADA WS100 and Netbiter webSCADA WS200 are vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"db": "BID",
"id": "43636"
},
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
}
],
"trust": 1.17
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-2238",
"trust": 1.0
},
{
"db": "BID",
"id": "43636",
"trust": 0.9
},
{
"db": "IVD",
"id": "7D7E3D5E-463F-11E9-BCC2-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "8FA72C7E-1FAD-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"db": "BID",
"id": "43636"
}
]
},
"id": "VAR-201010-0437",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2238"
}
],
"trust": 2.0
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.4
}
],
"sources": [
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2238"
}
]
},
"last_update_date": "2022-05-17T02:07:22.181000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/514104"
},
{
"trust": 0.3,
"url": "http://www.intellicom.se/webscada.cfm"
},
{
"trust": 0.3,
"url": "/archive/1/514104"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"db": "BID",
"id": "43636"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"db": "BID",
"id": "43636"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-03T00:00:00",
"db": "IVD",
"id": "7d7e3d5e-463f-11e9-bcc2-000c29342cb1"
},
{
"date": "2010-10-03T00:00:00",
"db": "IVD",
"id": "8fa72c7e-1fad-11e6-abef-000c29c66e3d"
},
{
"date": "2010-10-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"date": "2010-10-01T00:00:00",
"db": "BID",
"id": "43636"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-10-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2238"
},
{
"date": "2010-10-01T00:00:00",
"db": "BID",
"id": "43636"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "43636"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intellicom Netbiter webSCADA product \u0027read.cgi\u0027 multiple security vulnerabilities",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2238"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "43636"
}
],
"trust": 0.3
}
}
CVE-2010-4733 (GCVE-0-2010-4733)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-17 01:11- n/a
| URL | Tags |
|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4733",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:11:56.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4732 (GCVE-0-2010-4732)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:33- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/114560 | third-party-advisoryx_refsource_CERT-VN |
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:34.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4732",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:33:26.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4731 (GCVE-0-2010-4731)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-16 16:18- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/114560 | third-party-advisoryx_refsource_CERT-VN |
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4731",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:18:18.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4730 (GCVE-0-2010-4730)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:08- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/114560 | third-party-advisoryx_refsource_CERT-VN |
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4730",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:08:09.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4463 (GCVE-0-2009-4463)
Vulnerability from nvd – Published: 2009-12-30 19:00 – Updated: 2024-08-07 07:01- n/a
| URL | Tags |
|---|---|
| http://www.osvdb.org/61506 | vdb-entryx_refsource_OSVDB |
| http://www.kb.cert.org/vuls/id/902793 | third-party-advisoryx_refsource_CERT-VN |
| http://reversemode.com/index.php?option=com_conte… | x_refsource_MISC |
| http://support.intellicom.se/getfile.cfm?FID=151 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/508449/100… | mailing-listx_refsource_BUGTRAQ |
| http://blog.48bits.com/?p=781 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61506",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"name": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1",
"refsource": "MISC",
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"name": "http://support.intellicom.se/getfile.cfm?FID=151",
"refsource": "MISC",
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"name": "http://blog.48bits.com/?p=781",
"refsource": "MISC",
"url": "http://blog.48bits.com/?p=781"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4463",
"datePublished": "2009-12-30T19:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4732 (GCVE-0-2010-4732)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:33- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/114560 | third-party-advisoryx_refsource_CERT-VN |
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:34.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4732",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:33:26.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4730 (GCVE-0-2010-4730)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:08- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/114560 | third-party-advisoryx_refsource_CERT-VN |
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4730",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:08:09.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4733 (GCVE-0-2010-4733)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-17 01:11- n/a
| URL | Tags |
|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4733",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:11:56.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4731 (GCVE-0-2010-4731)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-16 16:18- n/a
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/114560 | third-party-advisoryx_refsource_CERT-VN |
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4731",
"datePublished": "2011-02-14T23:00:00.000Z",
"dateReserved": "2011-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:18:18.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4463 (GCVE-0-2009-4463)
Vulnerability from cvelistv5 – Published: 2009-12-30 19:00 – Updated: 2024-08-07 07:01- n/a
| URL | Tags |
|---|---|
| http://www.osvdb.org/61506 | vdb-entryx_refsource_OSVDB |
| http://www.kb.cert.org/vuls/id/902793 | third-party-advisoryx_refsource_CERT-VN |
| http://reversemode.com/index.php?option=com_conte… | x_refsource_MISC |
| http://support.intellicom.se/getfile.cfm?FID=151 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/508449/100… | mailing-listx_refsource_BUGTRAQ |
| http://blog.48bits.com/?p=781 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61506",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"name": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1",
"refsource": "MISC",
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"name": "http://support.intellicom.se/getfile.cfm?FID=151",
"refsource": "MISC",
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"name": "http://blog.48bits.com/?p=781",
"refsource": "MISC",
"url": "http://blog.48bits.com/?p=781"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4463",
"datePublished": "2009-12-30T19:00:00.000Z",
"dateReserved": "2009-12-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:01:20.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}