CVE-2010-4598

EXPLOITED

Ecava IntegraXor < 3.6.4000.0 - Path Traversal via File Name Parameter

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2010-4598 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Luigi Auriemma.

AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in Ecava IntegraXor SCADA server. The vulnerability allows remote attackers to download arbitrary files from the server's filesystem via a crafted HTTP request.

Description

Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.

Exploits (1)

exploitdb WRITEUP
by Luigi Auriemma · textremotewindows
https://www.exploit-db.com/exploits/15802

This is a writeup describing a directory traversal vulnerability in Ecava IntegraXor SCADA server. The vulnerability allows remote attackers to download arbitrary files from the server's filesystem via a crafted HTTP request.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Ecava IntegraXor <= 3.6.4000.0
No auth needed
Prerequisites: Network access to the target server · Knowledge of a valid PROJECT_NAME
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45535
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15802
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3304
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42730
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/979776

Scores

EPSS 0.0162
EPSS Percentile 82.3%

Details

VulnCheck KEV 2022-01-12
CWE
CWE-22
Status published
Products (3)
ecava/integraxor 3.5.3900.5
ecava/integraxor 3.5.3900.10
ecava/integraxor < 3.6.4000.0
Published Dec 23, 2010
Tracked Since Feb 18, 2026