Details of VAR-201010-0437

ID

VAR-201010-0437

TITLE

Intellicom Netbiter webSCADA product 'read.cgi' multiple security vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2010-2238

DESCRIPTION

Intellicom NetBiter is a hardware device that is managed using the WebSCADA protocol. The Intellicom Netbiter webSCADA product 'read.cgi' has multiple security vulnerabilities that allow attackers to obtain sensitive information. - Local files are available through directory traversal attacks: /cgi-bin/read.cgi?page=../../../../../../../../../.. /../etc/passwd%00- can submit the following request for sensitive information: /cgi-bin/read.cgi?file=/home/config/users.cfg - by injecting a specially constructed GIF image on the LOGO page modification Upload malicious code: /cgi-bin/read.cgi?page=config.html&file=/home/config/pages/2.conf&section=PAGE2GIF Hide malicious code in image content for SCADA server management and unauthorized OS command execution. An attacker can exploit these issues to upload and execute arbitrary script code on an affected computer with the privileges of the webserver process, view arbitrary local files, or obtain sensitive data that can aid in further attacks. Netbiter webSCADA WS100 and Netbiter webSCADA WS200 are vulnerable; other versions may also be affected

Trust: 1.17

sources: CNVD: CNVD-2010-2238 // BID: 43636 // IVD: 7d7e3d5e-463f-11e9-bcc2-000c29342cb1 // IVD: 8fa72c7e-1fad-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.4

sources: IVD: 7d7e3d5e-463f-11e9-bcc2-000c29342cb1 // IVD: 8fa72c7e-1fad-11e6-abef-000c29c66e3d // CNVD: CNVD-2010-2238

AFFECTED PRODUCTS

vendor:	intellicom	model:	innovation netbiter webscada ws200/ws100	scope:	-	version:	-	Trust: 0.6
vendor:	intellicom	model:	innovation netbiter webscada ws200/ws100	scope:	eq	version:	*	Trust: 0.4
vendor:	intellicom	model:	innovation netbiter webscada ws200	scope:	eq	version:	0	Trust: 0.3
vendor:	intellicom	model:	innovation netbiter webscada ws100	scope:	eq	version:	0	Trust: 0.3

sources: IVD: 7d7e3d5e-463f-11e9-bcc2-000c29342cb1 // IVD: 8fa72c7e-1fad-11e6-abef-000c29c66e3d // CNVD: CNVD-2010-2238 // BID: 43636

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD:	7d7e3d5e-463f-11e9-bcc2-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	8fa72c7e-1fad-11e6-abef-000c29c66e3d
value:	LOW
Trust: 0.2

IVD:	7d7e3d5e-463f-11e9-bcc2-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	8fa72c7e-1fad-11e6-abef-000c29c66e3d
severity:	NONE
baseScore:	NONE
vectorString:	NONE
accessVector:	NONE
accessComplexity:	NONE
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	UNKNOWN
Trust: 0.2

sources: IVD: 7d7e3d5e-463f-11e9-bcc2-000c29342cb1 // IVD: 8fa72c7e-1fad-11e6-abef-000c29c66e3d

THREAT TYPE

network

Trust: 0.3

sources: BID: 43636

TYPE

Unknown

Trust: 0.3

sources: BID: 43636

EXTERNAL IDS

db:	CNVD	id:	CNVD-2010-2238	Trust: 1.0
db:	BID	id:	43636	Trust: 0.9
db:	IVD	id:	7D7E3D5E-463F-11E9-BCC2-000C29342CB1	Trust: 0.2
db:	IVD	id:	8FA72C7E-1FAD-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 7d7e3d5e-463f-11e9-bcc2-000c29342cb1 // IVD: 8fa72c7e-1fad-11e6-abef-000c29c66e3d // CNVD: CNVD-2010-2238 // BID: 43636

REFERENCES

url:	http://www.securityfocus.com/archive/1/514104	Trust: 0.6
url:	http://www.intellicom.se/webscada.cfm	Trust: 0.3
url:	/archive/1/514104	Trust: 0.3

sources: CNVD: CNVD-2010-2238 // BID: 43636

CREDITS

Eugene Salov and Andrej Komarov

Trust: 0.3

sources: BID: 43636

SOURCES

db:	IVD	id:	7d7e3d5e-463f-11e9-bcc2-000c29342cb1
db:	IVD	id:	8fa72c7e-1fad-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2010-2238
db:	BID	id:	43636

LAST UPDATE DATE

2022-05-17T02:07:22.181000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2010-2238	date:	2010-10-03T00:00:00
db:	BID	id:	43636	date:	2010-10-01T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	7d7e3d5e-463f-11e9-bcc2-000c29342cb1	date:	2010-10-03T00:00:00
db:	IVD	id:	8fa72c7e-1fad-11e6-abef-000c29c66e3d	date:	2010-10-03T00:00:00
db:	CNVD	id:	CNVD-2010-2238	date:	2010-10-03T00:00:00
db:	BID	id:	43636	date:	2010-10-01T00:00:00