CVE-2012-4710
Invensys Wonderware Win-XML Exporter 1522.148.0.0 - XML External Entity Injection
Title source: llmDescription
Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference.
References (1)
Core 1
Core References
US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/pdf/ICSA-13-067-02.pdf
Scores
EPSS
0.0208
EPSS Percentile
79.3%
Details
CWE
CWE-20
Status
published
Products (1)
invensys/wonderware_win-xml_exporter
1522.148.0.0
Published
Apr 04, 2013
Tracked Since
Feb 18, 2026