CVE-2017-6020

MEDIUM

LAquis SCADA < 4.1.0.3237 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-6020. PoCs published by James Fitts.

AI-analyzed exploit summary: This Metasploit auxiliary module exploits a directory traversal vulnerability in LAquis SCADA Web Server by sending a crafted GET request with '../' sequences to the 'NOME' parameter in the 'listagem.laquis' file, allowing arbitrary file disclosure. The module retrieves the specified file and stores it as loot.

Description

Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.

Exploits (1)

exploitdb WORKING POC
by James Fitts · ruby · remote · multiple
https://www.exploit-db.com/exploits/42885

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: LAquis SCADA v4.1.0.2385
No auth needed
Prerequisites: Network access to the LAquis SCADA web server on port 1234
devstral-2 · analyzed Feb 18, 2026

References (3)

Core References
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42885/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97055
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01

Scores

CVSS v3 5.3
EPSS 0.1438
EPSS Percentile 96.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE: CWE-22
Status published
Products (1)
lcds/laquis_scada < 4.1.0.3237
Published Apr 17, 2018
Tracked Since Feb 18, 2026