CVE-2010-4732

{"id": "CVE-2010-4732", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-02-15T01:00:01.727", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2010-10/0002.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/114560", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-10-316-01A.pdf", "tags": ["US Government Resource"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463."}, {"lang": "es", "value": "cgi-bin/read.cgi en WebSCADA WS100 y WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, y Serial Ethernet Server SS100 en el IntelliCom NetBiter NB100 y plataformas NB200 permite a administradores autenticados de forma remota ejecutar c\u00f3digo de su elecci\u00f3n usando la acci\u00f3n config.html 2.conf para reemplazar el logo de la p\u00e1gina principal que es una imagen GIF por un archivo que contiene este c\u00f3digo, una vulnerabilidad distinta que CVE-2009-4463."}], "lastModified": "2011-02-15T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intellicom:netbiter_easyconnect_ec150:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC537D95-3DCD-4FD8-9CCE-61F70A818F4C"}, {"criteria": "cpe:2.3:h:intellicom:netbiter_modbus_rtu-tcp_gateway_mb100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DBABB5F-235A-427D-B13E-7DCBFE7A4337"}, {"criteria": "cpe:2.3:h:intellicom:netbiter_serial_ethernet_server_ss100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFD64BF7-5945-4CDE-84E3-D872081CB42F"}, {"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCD25C93-C0EE-4EFD-8066-53CE3840BF1B"}, {"criteria": "cpe:2.3:h:intellicom:netbiter_webscada_ws200:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01FE6CE4-81D4-47B9-A859-92E267712B49"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:intellicom:netbiter_nb100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD774110-E3E9-4A65-9B8D-5A62B0AEB410"}, {"criteria": "cpe:2.3:h:intellicom:netbiter_nb200:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "769218F4-5A0A-42E6-8DB4-F133AF5741E8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}