Vulnerabilities > CVE-2015-1002 - Unspecified vulnerability in Ininet Solutions Scada web Server

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

ininet-solutions

NVD

Published: 2015-10-25

Updated: 2015-10-27

Summary

IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string. <a href="https://cwe.mitre.org/data/definitions/177.html">CWE-177: Improper Handling of URL Encoding (Hex Encoding)</a>

Vulnerable Configurations

Part	Description	Count
Application	Ininet_Solutions Ininet Solutions Scada WEB Server -	1

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02