TRIDIUM NiagaraAX CVE-2012-4701 Directory Traversal Vulnerability
BID:57968
Info
TRIDIUM NiagaraAX CVE-2012-4701 Directory Traversal Vulnerability
| Bugtraq ID: | 57968 |
| Class: | Design Error |
| CVE: |
CVE-2012-4701 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 14 2013 12:00AM |
| Updated: | Feb 14 2013 12:00AM |
| Credit: | Billy Rios and Terry McCorkle |
| Vulnerable: |
TRIDIUM NiagaraAX 3.7 TRIDIUM NiagaraAX 3.6 TRIDIUM NiagaraAX 0 |
| Not Vulnerable: |
TRIDIUM NiagaraAX 3.7.46.3 TRIDIUM NiagaraAX 3.6.47.1 TRIDIUM NiagaraAX 3.5.39 |
Discussion
TRIDIUM NiagaraAX CVE-2012-4701 Directory Traversal Vulnerability
TRIDIUM NiagaraAX is prone to a directory-traversal vulnerability.
Remote attackers can exploit this issue to access arbitrary files, obtain sensitive information, and execute arbitrary code in the context of the application with elevated privileges. This may aid in further attacks.
TRIDIUM NiagaraAX is prone to a directory-traversal vulnerability.
Remote attackers can exploit this issue to access arbitrary files, obtain sensitive information, and execute arbitrary code in the context of the application with elevated privileges. This may aid in further attacks.
Exploit / POC
TRIDIUM NiagaraAX CVE-2012-4701 Directory Traversal Vulnerability
An attacker can use readily available tools to exploit this issue.
An attacker can use readily available tools to exploit this issue.
Solution / Fix
TRIDIUM NiagaraAX CVE-2012-4701 Directory Traversal Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
TRIDIUM NiagaraAX CVE-2012-4701 Directory Traversal Vulnerability
References:
References:
- NiagaraAX Home Page (TRIDIUM)
- NiagaraAX Product Page (TRIDIUM)
- ICSA-13-045-01�??TRIDIUM NIAGARAAX DIRECTORY TRAVERSAL VULNERABILITY (ICS-CERT)