CVE-2015-1002

EUVD-2015-1146
IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
ininet_solutionsscada_web_server
-
𝑥
= Vulnerable software versions
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02
https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02