var-201404-0551
Vulnerability from variot
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ability to browse outside of the web root via directory traversal. A remote attacker can abuse this to download sensitive files and execute remote code under the context of the user. InduSoft Web Studio is a complete graphics control software that includes the various functional modules required to develop Human Machine Interface (HMI), Management Control, Data Acquisition System (SCADA) and embedded control. InduSoft Web Studio is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the web server. Information harvested may aid in launching further attacks. InduSoft Web Studio 7.1 is vulnerable; other versions may also be affected
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "web studio",
"scope": "eq",
"trust": 2.2,
"vendor": "indusoft",
"version": "7.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "web studio",
"version": "7.1"
},
{
"_id": null,
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1 that\u0027s all 7.1 sp2 patch 4"
},
{
"_id": null,
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric",
"version": null
},
{
"_id": null,
"model": "webstudio",
"scope": null,
"trust": 0.7,
"vendor": "indusoft",
"version": null
},
{
"_id": null,
"model": "web studio sp2",
"scope": "lte",
"trust": 0.6,
"vendor": "indusoft",
"version": "\u003c=7.1"
},
{
"_id": null,
"model": "web studio sp1",
"scope": "eq",
"trust": 0.6,
"vendor": "indusoft",
"version": "7.1"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "web studio",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
},
{
"db": "NVD",
"id": "CVE-2014-0780"
}
]
},
"credits": {
"_id": null,
"data": "John Leitch",
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "BID",
"id": "67056"
}
],
"trust": 1.0
},
"cve": "CVE-2014-0780",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-0780",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 2.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-02688",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d76c350-463f-11e9-b69f-000c29342cb1",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "236decfa-1edb-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2014-0780",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2014-0780",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0780",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2014-0780",
"trust": 0.8,
"value": "Critical"
},
{
"author": "ZDI",
"id": "CVE-2014-0780",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-02688",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-504",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-0780",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
},
{
"db": "VULMON",
"id": "CVE-2014-0780"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
},
{
"db": "NVD",
"id": "CVE-2014-0780"
}
]
},
"description": {
"_id": null,
"data": "Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ability to browse outside of the web root via directory traversal. A remote attacker can abuse this to download sensitive files and execute remote code under the context of the user. InduSoft Web Studio is a complete graphics control software that includes the various functional modules required to develop Human Machine Interface (HMI), Management Control, Data Acquisition System (SCADA) and embedded control. InduSoft Web Studio is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. \nExploiting this issue will allow an attacker to view arbitrary files within the context of the web server. Information harvested may aid in launching further attacks. \nInduSoft Web Studio 7.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0780"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
},
{
"db": "BID",
"id": "67056"
},
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2014-0780"
}
],
"trust": 3.51
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=42699",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0780"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2014-0780",
"trust": 5.3
},
{
"db": "ICS CERT",
"id": "ICSA-14-107-02",
"trust": 3.1
},
{
"db": "BID",
"id": "67056",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "42699",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2014-02688",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2108",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-14-118",
"trust": 0.7
},
{
"db": "OSVDB",
"id": "105551",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D76C350-463F-11E9-B69F-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "236DECFA-1EDB-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2014-0780",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
},
{
"db": "VULMON",
"id": "CVE-2014-0780"
},
{
"db": "BID",
"id": "67056"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
},
{
"db": "NVD",
"id": "CVE-2014-0780"
}
]
},
"id": "VAR-201404-0551",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
}
],
"trust": 1.58893775
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
}
]
},
"last_update_date": "2024-11-23T22:23:06.261000Z",
"patch": {
"_id": null,
"data": [
{
"title": "InduSoft",
"trust": 0.8,
"url": "http://www.indusoft.com/"
},
{
"title": "Indusoft has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02"
},
{
"title": "InduSoft Web Studio NTWebServer Directory Traversal Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/45216"
},
{
"title": "IWS71.2.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=49642"
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/Ostorlab/KEV "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
},
{
"db": "VULMON",
"id": "CVE-2014-0780"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "NVD",
"id": "CVE-2014-0780"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-107-02"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/42699/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/67056"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0780"
},
{
"trust": 0.8,
"url": "https://cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"trust": 0.8,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-14-107-02\u00a0"
},
{
"trust": 0.6,
"url": "http://osvdb.com/show/osvdb/105551"
},
{
"trust": 0.3,
"url": "http://www.indusoft.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34041"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/ostorlab/kev"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-14-118"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
},
{
"db": "VULMON",
"id": "CVE-2014-0780"
},
{
"db": "BID",
"id": "67056"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
},
{
"db": "NVD",
"id": "CVE-2014-0780"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1",
"ident": null
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-14-118",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2014-02688",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2014-0780",
"ident": null
},
{
"db": "BID",
"id": "67056",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002261",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2014-0780",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2014-04-29T00:00:00",
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1",
"ident": null
},
{
"date": "2014-04-29T00:00:00",
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2014-05-02T00:00:00",
"db": "ZDI",
"id": "ZDI-14-118",
"ident": null
},
{
"date": "2014-04-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02688",
"ident": null
},
{
"date": "2014-04-25T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0780",
"ident": null
},
{
"date": "2014-04-24T00:00:00",
"db": "BID",
"id": "67056",
"ident": null
},
{
"date": "2014-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002261",
"ident": null
},
{
"date": "2014-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-504",
"ident": null
},
{
"date": "2014-04-25T05:12:07.787000",
"db": "NVD",
"id": "CVE-2014-0780",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2014-05-02T00:00:00",
"db": "ZDI",
"id": "ZDI-14-118",
"ident": null
},
{
"date": "2014-04-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-02688",
"ident": null
},
{
"date": "2017-09-16T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0780",
"ident": null
},
{
"date": "2014-05-21T01:02:00",
"db": "BID",
"id": "67056",
"ident": null
},
{
"date": "2024-07-08T04:59:00",
"db": "JVNDB",
"id": "JVNDB-2014-002261",
"ident": null
},
{
"date": "2014-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-504",
"ident": null
},
{
"date": "2024-11-21T02:02:47.540000",
"db": "NVD",
"id": "CVE-2014-0780",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "InduSoft Web Studio NTWebServer Directory Traversal Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-02688"
}
],
"trust": 1.0
},
"type": {
"_id": null,
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "7d76c350-463f-11e9-b69f-000c29342cb1"
},
{
"db": "IVD",
"id": "236decfa-1edb-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-504"
}
],
"trust": 1.0
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.