CVE-2013-1627

Indusoft Web Studio & Advantech Studio <=7.0 - Unauthenticated Path Traversal via NTWebServer.exe

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1627. PoCs published by Nin3.

AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in Advantech Studio v7.0 SCADA/HMI's NTWebServer.exe. It iteratively tests nested directory traversal sequences to access arbitrary files on the server.

Description

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nin3 · pythonwebappswindows

https://www.exploit-db.com/exploits/23132

View Code ZIP pw:eip

This exploit demonstrates a directory traversal vulnerability in Advantech Studio v7.0 SCADA/HMI's NTWebServer.exe. It iteratively tests nested directory traversal sequences to access arbitrary files on the server.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Advantech Studio v7.0 Build Number 0501.1111.0402.0000

No auth needed

Prerequisites: Network access to the target web server · Knowledge of the target file path

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Various Sources x_refsource_misc

http://ics-cert.us-cert.gov/pdf/ICSA-13-067-01.pdf

Scores

EPSS 0.0339

EPSS Percentile 87.3%

Details

CWE

CWE-22

Status published

Products (4)

advantech/advantech_studio 6.1 (2 CPE variants)

indusoft/web_studio 6.1 (2 CPE variants)

indusoft/web_studio 7.0

indusoft/web_studio 7.0b2 hotfix7.0.01.04

Published Mar 11, 2013

Tracked Since Feb 18, 2026