Search criteria
15 vulnerabilities found for netbiter_webscada_ws100 by intellicom
FKIE_CVE-2010-4733
Vulnerability from fkie_nvd - Published: 2011-02-15 01:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC537D95-3DCD-4FD8-9CCE-61F70A818F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBABB5F-235A-427D-B13E-7DCBFE7A4337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD64BF7-5945-4CDE-84E3-D872081CB42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD774110-E3E9-4A65-9B8D-5A62B0AEB410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769218F4-5A0A-42E6-8DB4-F133AF5741E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
},
{
"lang": "es",
"value": "WebSCADA WS100 y WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, y Serial Ethernet Server SS100 sobre el IntelliCom NetBiter NB100 y plataformas NB200 tienen por defecto un nombre de usuario y una contrase\u00f1a, esto facilita a los atacantes remotos conseguir acceso de superadmin a trav\u00e9s de una interfaz web, una vulnerabilidad diferente que CVE-2009-4463."
}
],
"id": "CVE-2010-4733",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-15T01:00:01.853",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4731
Vulnerability from fkie_nvd - Published: 2011-02-15 01:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC537D95-3DCD-4FD8-9CCE-61F70A818F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBABB5F-235A-427D-B13E-7DCBFE7A4337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD64BF7-5945-4CDE-84E3-D872081CB42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD774110-E3E9-4A65-9B8D-5A62B0AEB410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769218F4-5A0A-42E6-8DB4-F133AF5741E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio absoluto en cgi-bin/read.cgi en WebSCADA WS100 y WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, y Serial Ethernet Server SS100 en el IntelliCom NetBiter NB100 y plataformas NB200 permite a administradores autenticados de forma remota leer archivos de su elecci\u00f3n a trav\u00e9s de una ruta completa en el par\u00e1metro del archivo, una vulnerabilidad distinta que CVE-2009-4463."
}
],
"id": "CVE-2010-4731",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-15T01:00:01.603",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4732
Vulnerability from fkie_nvd - Published: 2011-02-15 01:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC537D95-3DCD-4FD8-9CCE-61F70A818F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBABB5F-235A-427D-B13E-7DCBFE7A4337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD64BF7-5945-4CDE-84E3-D872081CB42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD774110-E3E9-4A65-9B8D-5A62B0AEB410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769218F4-5A0A-42E6-8DB4-F133AF5741E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
},
{
"lang": "es",
"value": "cgi-bin/read.cgi en WebSCADA WS100 y WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, y Serial Ethernet Server SS100 en el IntelliCom NetBiter NB100 y plataformas NB200 permite a administradores autenticados de forma remota ejecutar c\u00f3digo de su elecci\u00f3n usando la acci\u00f3n config.html 2.conf para reemplazar el logo de la p\u00e1gina principal que es una imagen GIF por un archivo que contiene este c\u00f3digo, una vulnerabilidad distinta que CVE-2009-4463."
}
],
"id": "CVE-2010-4732",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-15T01:00:01.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-4730
Vulnerability from fkie_nvd - Published: 2011-02-15 01:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC537D95-3DCD-4FD8-9CCE-61F70A818F4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBABB5F-235A-427D-B13E-7DCBFE7A4337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD64BF7-5945-4CDE-84E3-D872081CB42F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD774110-E3E9-4A65-9B8D-5A62B0AEB410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "769218F4-5A0A-42E6-8DB4-F133AF5741E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio absoluto en cgi-bin/read.cgi en WebSCADA WS100 y WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, y Serial Ethernet Server SS100 en el IntelliCom NetBiter NB100 y plataformas NB200 permite a administradores autenticados de forma remota leer archivos de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en el par\u00e1metro de la p\u00e1gina, una vulnerabilidad diferente que CVE-2009-4463."
}
],
"id": "CVE-2010-4730",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-15T01:00:01.477",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-4463
Vulnerability from fkie_nvd - Published: 2009-12-30 20:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intellicom | netbiter_webscada_firmware | 3.11.0 | |
| intellicom | netbiter_webscada_firmware | 3.11.1 | |
| intellicom | netbiter_webscada_firmware | 3.11.2 | |
| intellicom | netbiter_webscada_firmware | 3.12.4 | |
| intellicom | netbiter_webscada_firmware | 3.12.6 | |
| intellicom | netbiter_webscada_firmware | 3.13.0 | |
| intellicom | netbiter_webscada_firmware | 3.13.1 | |
| intellicom | netbiter_webscada_firmware | 3.13.2 | |
| intellicom | netbiter_webscada_firmware | 3.20.0 | |
| intellicom | netbiter_webscada_firmware | 3.30.0 | |
| intellicom | netbiter_webscada_firmware | 3.30.1 | |
| intellicom | netbiter_webscada_firmware | 3.30.2 | |
| intellicom | netbiter_webscada_ws100 | * | |
| intellicom | netbiter_webscada_ws200 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "821CF156-EE67-4710-846F-9958C89F28B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "949AC3D0-B87C-45D7-953E-2EC42CAF55E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BE6E86-7CDC-4478-8A8E-125FD1BC7E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C551AD7C-21AF-4D4D-BEFF-19D4E15F33EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3AAB8E-0B30-4544-BC28-36DCAFE4E7A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.13.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "682C0FBA-03F7-4C83-8BA4-1A9125445104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1900CA98-62FF-43CF-A95B-1AC61C238BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED14C5-A19E-4FFB-99E0-CB49FB494BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF175A2-5BE7-4F86-A8C9-0F562F221BB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.30.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF18BA5-9A8D-41DB-83C0-BAD1EA3201B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.30.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D48AAF-E361-4201-8C99-FCED8E256E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_firmware:3.30.2:b184:*:*:*:*:*:*",
"matchCriteriaId": "CCD1805D-FFF7-427A-B0B0-9D5543666A6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
},
{
"lang": "es",
"value": "Los dispositivos NetBiter WebSCADA de Intellicom, usan contrase\u00f1as predeterminadas para el servicio de configuraci\u00f3n de red HICP, lo que facilita a los atacantes remotos modificar la configuraci\u00f3n de red y causar una denegaci\u00f3n de servicio. NOTA: esto es s\u00f3lo una vulnerabilidad cuando el administrador no sigue las recomendaciones en la documentaci\u00f3n de instalaci\u00f3n del producto. NOTA: este problema se inform\u00f3 originalmente como contrase\u00f1as embebidas, no contrase\u00f1as predeterminadas."
}
],
"id": "CVE-2009-4463",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-30T20:00:01.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.48bits.com/?p=781"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"source": "cve@mitre.org",
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/61506"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.48bits.com/?p=781"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/61506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-4732 (GCVE-0-2010-4732)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:33
VLAI?
Summary
cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:34.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4732",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T17:33:26.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4730 (GCVE-0-2010-4730)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:08
VLAI?
Summary
Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4730",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T17:08:09.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4731 (GCVE-0-2010-4731)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-16 16:18
VLAI?
Summary
Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4731",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T16:18:18.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4733 (GCVE-0-2010-4733)
Vulnerability from cvelistv5 – Published: 2011-02-14 23:00 – Updated: 2024-09-17 01:11
VLAI?
Summary
WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4733",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-17T01:11:56.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4463 (GCVE-0-2009-4463)
Vulnerability from cvelistv5 – Published: 2009-12-30 19:00 – Updated: 2024-08-07 07:01
VLAI?
Summary
Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61506",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"name": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1",
"refsource": "MISC",
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"name": "http://support.intellicom.se/getfile.cfm?FID=151",
"refsource": "MISC",
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"name": "http://blog.48bits.com/?p=781",
"refsource": "MISC",
"url": "http://blog.48bits.com/?p=781"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4463",
"datePublished": "2009-12-30T19:00:00",
"dateReserved": "2009-12-30T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4732 (GCVE-0-2010-4732)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:33
VLAI?
Summary
cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:34.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page\u0027s GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4732",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T17:33:26.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4730 (GCVE-0-2010-4730)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-16 17:08
VLAI?
Summary
Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4730",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the page parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4730",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T17:08:09.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4731 (GCVE-0-2010-4731)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-16 16:18
VLAI?
Summary
Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#114560",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#114560",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/114560"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4731",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T16:18:18.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4733 (GCVE-0-2010-4733)
Vulnerability from nvd – Published: 2011-02-14 23:00 – Updated: 2024-09-17 01:11
VLAI?
Summary
WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:55:35.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-02-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf"
},
{
"name": "20101001 [STANKOINFORMZASCHITA-10-01] Netbiter, webSCADA multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4733",
"datePublished": "2011-02-14T23:00:00Z",
"dateReserved": "2011-02-14T00:00:00Z",
"dateUpdated": "2024-09-17T01:11:56.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4463 (GCVE-0-2009-4463)
Vulnerability from nvd – Published: 2009-12-30 19:00 – Updated: 2024-08-07 07:01
VLAI?
Summary
Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "61506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.48bits.com/?p=781"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product\u0027s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61506",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61506"
},
{
"name": "VU#902793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/902793"
},
{
"name": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1",
"refsource": "MISC",
"url": "http://reversemode.com/index.php?option=com_content\u0026task=view\u0026id=65\u0026Itemid=1"
},
{
"name": "http://support.intellicom.se/getfile.cfm?FID=151",
"refsource": "MISC",
"url": "http://support.intellicom.se/getfile.cfm?FID=151"
},
{
"name": "20091214 Exposing HMS HICP Protocol + Intellicom NetBiterConfig.exe Remote Buffer Overflow (Not patched)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508449/100/0/threaded"
},
{
"name": "http://blog.48bits.com/?p=781",
"refsource": "MISC",
"url": "http://blog.48bits.com/?p=781"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4463",
"datePublished": "2009-12-30T19:00:00",
"dateReserved": "2009-12-30T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}