CVE-2017-9097

EUVD-2017-18035
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a path traversal technique, as demonstrated by reading the password file, or using the template parameter to cgi-bin/write.cgi to write to an arbitrary file.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
hoytechantiweb
𝑥
≤ 3.8.7
hoytechantiweb
3.0.7:hms2
hoytechantiweb
3.3.5
hoytechantiweb
3.6.1
hoytechantiweb
3.7.1
hoytechantiweb
3.7.2
hoytechantiweb
3.8.1
hoytechantiweb
3.8.2
hoytechantiweb
3.8.3
hoytechantiweb
3.8.4
hoytechantiweb
3.8.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://misteralfa-hack.blogspot.cl/2017/05/apps-industrial-ot-over-server-anti-web.html
https://github.com/ezelf/industrial_Tools/tree/master/scadas_server_antiweb/LFI
https://www.netbiter.com/docs/default-source/netbiter-english/software/hms-security-advisory-2017-05-24-001-ws100-ws200-ec150-ec250.zip
http://misteralfa-hack.blogspot.cl/2017/05/apps-industrial-ot-over-server-anti-web.html
https://github.com/ezelf/industrial_Tools/tree/master/scadas_server_antiweb/LFI
https://www.netbiter.com/docs/default-source/netbiter-english/software/hms-security-advisory-2017-05-24-001-ws100-ws200-ec150-ec250.zip