CVE-2011-4518
published 2013-05-23CVE-2011-4518: Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files…
PriorityP347medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
26.38%
97.8th percentile
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsys | promotic | <= 8.1.4 | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
MICROSYS PROMOTIC Vulnerabilities
cisa_ics·2018-09-06
MICROSYS PROMOTIC Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
MICROSYS PROMOTIC Vulnerabilities
Last RevisedSeptember 06, 2018
Alert Code ICSA-12-024-02
## Overview
This advisory is a follow-up to ICS-ALERT-11-286-01 - MICROSYS PROMOTIC Vulnerabilities, released to the ICS-CERT Web page on October 12, 2011.
Independent researcher Luigi Auriemma has identified and released three vulnerabilities in MICROSYS, spol. s r.o. PROMOTIC application without coordination with ICS-CERT, the vendor, or any other known coordinating entity. The vulnerabilities include directory traversal, ActiveX heap overflow, and ActiveX stack overflow vulnerabilities
GHSA
GHSA-q7gw-6w7m-55gr: Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8
ghsa_unreviewed·2022-05-17
CVE-2011-4518 [MEDIUM] CWE-22 GHSA-q7gw-6w7m-55gr: Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
No detection rules found.
No writeups or analysis indexed.
2013-05-23
Published