CVE-2011-1565

7-Technologies IGSS <9.00.00.11063 - Path Traversal

Title source: llm

Description

Directory traversal vulnerability in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to (1) read (opcode 0x3) or (2) create or write (opcode 0x2) arbitrary files via ..\ (dot dot backslash) sequences to TCP port 12401.

Exploits (1)

exploitdb WORKING POC

by Luigi Auriemma · textremotewindows

https://www.exploit-db.com/exploits/17024

View Code ZIP pw:eip

References (7)

Core 7

Core References

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/46936

US Government Resource x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/8178

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43849

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2011/0741

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/17024

Exploit x_refsource_misc

http://aluigi.org/adv/igss_1-adv.txt

Scores

EPSS 0.6789

EPSS Percentile 98.6%

Details

CWE

CWE-22

Status published

Products (1)

7t/igss

Published Apr 05, 2011

Tracked Since Feb 18, 2026