CVE-2008-0175
published 2008-01-29CVE-2008-0175: Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by…
PriorityP259high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
15.44%
96.4th percentile
Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge_fanuc | proficy_real-time_information_portal | <= 2.6 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to /infoAgentSrv/iFixWeb for SOAP calls invoking the writeFile() API method, particularly attempts to upload files with executable extensions (e.g., .jsp, .exe, .asp). ↗
- →Alert on HTTP GET requests to /infoAgentSrv/ containing a 'cmd=' query parameter, which indicates webshell command execution following successful exploitation. ↗
- →Detect unrestricted file upload to the main virtual directory of GE Fanuc Proficy Real-Time Information Portal; any uploaded file with an executable extension (.jsp, .asp, .exe, etc.) should trigger an alert. ↗
- →Inspect SOAP traffic targeting the SOAP namespace 'urn:iFixWeb' for invocations of the writeFile() method from unauthenticated or anomalous sources. ↗
- ·The exploit targets GE Fanuc Proficy Real-Time Information Portal version 2.6 and earlier; versions beyond 2.6 may not be affected. ↗
- ·The Metasploit module requires the httpaccess2 Ruby library (soap/rpc/driver) to function; absence of this dependency will prevent exploitation via this specific module. ↗
- ·The exploit payload space is constrained to 4000 bytes for the targeted platform. ↗
- ·The exploit targets the Windows platform only, as indicated by the module's platform declaration. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qfhg-r7xq-4997: Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2
ghsa_unreviewed·2022-05-01
CVE-2008-0175 [HIGH] GHSA-qfhg-r7xq-4997: Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2
Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory.
CISA ICS
GLEG Agora SCADA+ Exploit Pack
cisa_ics·2018-09-06
GLEG Agora SCADA+ Exploit Pack
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
GLEG Agora SCADA+ Exploit Pack
Last RevisedSeptember 06, 2018
Alert CodeICSA-11-096-01
## OVERVIEW
On March 15, 2011, GLEG Ltd. announced the Agora SCADA+ Exploit Pack for Immunity’s CANVAS system. CANVAS is a penetration testing framework that is extensible using CANVAS Exploit Packs. On March 25, 2011, GLEG announced it would be adding exploits for the 35 vulnerabilities released by Luigi Auriemma on March 21, 2011. The ICS-CERT has not received any reports of this tool being used for an unauthorized compromise of an actual control system installation.
ICS-CERT has prepared t
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/28678http://securityreason.com/securityalert/3591http://support.gefanuc.com/support/index?page=kbchannel&id=KB12460http://www.kb.cert.org/vuls/id/339345http://www.securityfocus.com/archive/1/487079/100/0/threadedhttp://www.securityfocus.com/archive/1/487242/100/0/threadedhttp://www.securityfocus.com/bid/27446http://www.securitytracker.com/id?1019274http://www.vupen.com/english/advisories/2008/0307/referenceshttp://secunia.com/advisories/28678http://securityreason.com/securityalert/3591http://support.gefanuc.com/support/index?page=kbchannel&id=KB12460http://www.kb.cert.org/vuls/id/339345http://www.securityfocus.com/archive/1/487079/100/0/threadedhttp://www.securityfocus.com/archive/1/487242/100/0/threadedhttp://www.securityfocus.com/bid/27446http://www.securitytracker.com/id?1019274http://www.vupen.com/english/advisories/2008/0307/references
2008-01-29
Published