Vulnerabilities > Intellicom

DATE CVE VULNERABILITY TITLE RISK
2011-02-15 CVE-2010-4733 Credentials Management vulnerability in Intellicom products
WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password, which makes it easier for remote attackers to obtain superadmin access via the web interface, a different vulnerability than CVE-2009-4463.
network
low complexity
intellicom CWE-255
critical
10.0
2011-02-15 CVE-2010-4732 Code Injection vulnerability in Intellicom products
cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to execute arbitrary code by using a config.html 2.conf action to replace the logo page's GIF image file with a file containing this code, a different vulnerability than CVE-2009-4463.
network
low complexity
intellicom CWE-94
critical
9.0
2011-02-15 CVE-2010-4731 Path Traversal vulnerability in Intellicom products
Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a full pathname in the file parameter, a different vulnerability than CVE-2009-4463.
network
low complexity
intellicom CWE-22
6.8
2011-02-15 CVE-2010-4730 Path Traversal vulnerability in Intellicom products
Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms allows remote authenticated administrators to read arbitrary files via a ..
network
low complexity
intellicom CWE-22
6.8
2009-12-30 CVE-2009-4463 Credentials Management vulnerability in Intellicom products
Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service.
network
low complexity
intellicom CWE-255
critical
10.0
2009-12-30 CVE-2009-4462 Buffer Errors vulnerability in Intellicom Netbiterconfig 1.3.0
Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet.
network
low complexity
intellicom CWE-119
critical
10.0