← voltar
CVE-2017-9640

CVE-2017-9640

EPSS 8.5%CWE-22
A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software.
Produtos afetados
n/a · Automated Logic Corporation WebCTRL, i-VU, SiteScan
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/42543/não verificadoexploitdbwww.exploit-db.com/exploits/42543não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://ics-cert.us-cert.gov/advisories/ICSA-17-234-01https://www.exploit-db.com/exploits/42543/http://www.securityfocus.com/bid/100452