Description
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Luigi Auriemma · textwebappswindows
https://www.exploit-db.com/exploits/19455
References (3)
Core 3
Core References
US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-02.pdf
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-13-011-02
Exploit x_refsource_misc
http://aluigi.altervista.org/adv/specview_1-adv.txt
Scores
EPSS
0.0761
EPSS Percentile
91.9%
Details
CWE
CWE-22
CWE-23
Status
published
Products (2)
specview/specview
< 2.5
SpecView/SpecView
< 2.5 Build 853
Published
Jan 17, 2013
Tracked Since
Feb 18, 2026