Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2010-4731

CVE information

Published

11 years ago

Last Modified

11 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463..

CVSSv2.0 Score

Severity
Medium
Base Score
6.8/10
Exploit Score
8/10
Access Vector
Network
Access Complexity
Low
Authentication Required
Single
Impact Score
6.9/10
Confidentiality Impact
Complete
Availability Impact
None
Integrity Impact
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:
  Yes
-
cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*
  Yes
-