Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Advantech Studio ‘NTWebServer.exe’目录遍历漏洞
Vulnerability Description
Advantech Studio是研华(Advantech)公司的一套包含了所有数据采集与监控(SCADA)的基本组件的自动化软件工具。该工具支持实时动态的图形画面,使用浏览器查看趋势、报警、报表,导入或导出为XML格式的报表和实时数据等。 Advantech Studio中存在目录遍历漏洞,该漏洞源于没有充分验证用户提供的输入。远程攻击者使用目录遍历字符串在受影响应用程序上下文中检索任意文件。Advantech Studio 7.0版本中存在漏洞,其他版本也可能受到影响。
CVSS Information
N/A
Vulnerability Type
N/A