Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2010-4732

CVE information

Published

11 years ago

Last Modified

11 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463..

CVSSv2.0 Score

Severity
High
Base Score
9/10
Exploit Score
8/10
Access Vector
Network
Access Complexity
Low
Authentication Required
Single
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:
  Yes
-
cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*
  Yes
-