CVE-2010-4598
published 2010-12-23CVE-2010-4598: Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the…
PriorityP272medium5CVSS 2.0
AVNACLAuNCPINAN
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
26.48%
97.8th percentile
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ecava | integraxor | <= 3.6.4000.0 | — |
| ecava | integraxor | — | — |
| ecava | integraxor | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect HTTP GET requests to the IntegraXor 'open' endpoint on port 7131 containing directory traversal sequences ('..\') in the 'file_name' parameter. ↗
- →The vulnerable parameter is 'file_name' in an 'open' request; flag any request where this parameter traverses outside the web root using backslash-based dot-dot sequences. ↗
- ·The PROJECT_NAME segment of the URL path is variable and corresponds to any project hosted on the server; detection rules should treat this path component as a wildcard. ↗
- ·No vendor fix was available at time of disclosure; affected versions are 3.6.4000.0 and earlier running on Windows platforms. ↗
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vulncheck5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-33j6-92fw-qjc4: Directory traversal vulnerability in Ecava IntegraXor 3
ghsa_unreviewed·2022-05-17
CVE-2010-4598 [MEDIUM] CWE-22 GHSA-33j6-92fw-qjc4: Directory traversal vulnerability in Ecava IntegraXor 3
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
VulnCheck
ecava integraxor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck·2010·CVSS 5.0
CVE-2010-4598 [MEDIUM] ecava integraxor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
ecava integraxor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file_name parameter in an open request.
Affected: ecava integraxor
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://blog.checkpoint.com/security/december-2021s-most-wanted-malware-trickbot-emotet-and-the-log4j-plague/; https://blog.checkpoint.com/security/april-2022s-most-wanted-malware-a-shake-up-in-the-index-but-emotet-is-still-on-top/; https://blog.checkpoint.com/security/april-2024s-most-wanted-malware
CISA ICS
GLEG Agora SCADA+ Exploit Pack
cisa_ics·2018-09-06
GLEG Agora SCADA+ Exploit Pack
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
GLEG Agora SCADA+ Exploit Pack
Last RevisedSeptember 06, 2018
Alert CodeICSA-11-096-01
## OVERVIEW
On March 15, 2011, GLEG Ltd. announced the Agora SCADA+ Exploit Pack for Immunity’s CANVAS system. CANVAS is a penetration testing framework that is extensible using CANVAS Exploit Packs. On March 25, 2011, GLEG announced it would be adding exploits for the 35 vulnerabilities released by Luigi Auriemma on March 21, 2011. The ICS-CERT has not received any reports of this tool being used for an unauthorized compromise of an actual control system installation.
ICS-CERT has prepared t
No detection rules found.
No writeups or analysis indexed.
http://aluigi.org/adv/integraxor_1-adv.txthttp://secunia.com/advisories/42730http://www.exploit-db.com/exploits/15802http://www.integraxor.com/blog/integraxor-3-6-scada-security-issue-20101222-0323-vulnerability-notehttp://www.kb.cert.org/vuls/id/979776http://www.securityfocus.com/bid/45535http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-10-355-01.pdfhttp://www.vupen.com/english/advisories/2010/3304http://aluigi.org/adv/integraxor_1-adv.txthttp://secunia.com/advisories/42730http://www.exploit-db.com/exploits/15802http://www.integraxor.com/blog/integraxor-3-6-scada-security-issue-20101222-0323-vulnerability-notehttp://www.kb.cert.org/vuls/id/979776http://www.securityfocus.com/bid/45535http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-10-355-01.pdfhttp://www.vupen.com/english/advisories/2010/3304
2010-12-23
Published
Exploited in the wild