CVE-2012-5972
published 2013-01-17CVE-2012-5972: Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot…
PriorityP340medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
4.81%
90.9th percentile
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| specview | specview | <= 2.5 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
SpecView Directory Traversal
cisa_ics·2012-08-01
SpecView Directory Traversal
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
SpecView Directory Traversal
Last RevisedMarch 06, 2014
Alert CodeICSA-13-011-02
## Overview
This advisory is a follow up to the original alert titled ICS-ALERT-12-214-01 SpecView Directory Traversal that was published August 01, 2012, on the ICS-CERT Web. This advisory provides mitigation details for a vulnerability, which impacts SpecView products.
Independent researcher Luigi Auriemma identified a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting SpecView, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) produc
GHSA
GHSA-xhjh-m9vh-w983: Directory traversal vulnerability in the web server in SpecView 2
ghsa_unreviewed·2022-05-17
CVE-2012-5972 [MEDIUM] CWE-22 GHSA-xhjh-m9vh-w983: Directory traversal vulnerability in the web server in SpecView 2
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... (dot dot dot) in a URI.
No detection rules found.
No writeups or analysis indexed.
2013-01-17
Published