CyberSec.Space Logo
Back to CVE Browser

CVE-2016-4532

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.1330%
EPSS Percentile40.59th
PublishedJun 9, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Directory traversal vulnerability in the WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to read arbitrary files via a crafted pathname.

Affected Platforms (CPE)

πŸ“¦
Trihedral

Vtscada

= 10.1.05
πŸ“¦
Trihedral

Vtscada

= 10.1.06
πŸ“¦
Trihedral

Vtscada

= 10.1.07
πŸ“¦
Trihedral

Vtscada

= 10.1.12
πŸ“¦
Trihedral

Vtscada

= 9.0.02
πŸ“¦
Trihedral

Vtscada

= 9.0.03
πŸ“¦
Trihedral

Vtscada

= 9.0.08
πŸ“¦
Trihedral

Vtscada

= 9.1.02
πŸ“¦
Trihedral

Vtscada

= 9.1.03
πŸ“¦
Trihedral

Vtscada

= 9.1.05
πŸ“¦
Trihedral

Vtscada

= 9.1.09
πŸ“¦
Trihedral

Vtscada

= 9.1.11
πŸ“¦
Trihedral

Vtscada

= 9.1.14
πŸ“¦
Trihedral

Vtscada

= 9.1.20
πŸ“¦
Trihedral

Vtscada

= 11.0.05
πŸ“¦
Trihedral

Vtscada

= 11.0.07
πŸ“¦
Trihedral

Vtscada

= 10.2.05
πŸ“¦
Trihedral

Vtscada

= 10.2.07
πŸ“¦
Trihedral

Vtscada

= 10.2.08
πŸ“¦
Trihedral

Vtscada

= 10.2.11
πŸ“¦
Trihedral

Vtscada

= 10.2.13
πŸ“¦
Trihedral

Vtscada

= 10.2.14
πŸ“¦
Trihedral

Vtscada

= 10.2.15
πŸ“¦
Trihedral

Vtscada

= 10.2.17
πŸ“¦
Trihedral

Vtscada

= 10.2.19
πŸ“¦
Trihedral

Vtscada

= 10.2.20
πŸ“¦
Trihedral

Vtscada

= 10.2.21
πŸ“¦
Trihedral

Vtscada

= 10.2.22
πŸ“¦
Trihedral

Vtscada

= 8.0.05
πŸ“¦
Trihedral

Vtscada

= 8.0.12
πŸ“¦
Trihedral

Vtscada

= 8.0.16
πŸ“¦
Trihedral

Vtscada

= 8.0.18
πŸ“¦
Trihedral

Vtscada

= 8.1.05
πŸ“¦
Trihedral

Vtscada

= 8.1.06
πŸ“¦
Trihedral

Vtscada

= 11.1.05
πŸ“¦
Trihedral

Vtscada

= 11.1.06
πŸ“¦
Trihedral

Vtscada

= 11.1.09
πŸ“¦
Trihedral

Vtscada

= 11.1.10
πŸ“¦
Trihedral

Vtscada

= 11.1.13
πŸ“¦
Trihedral

Vtscada

= 11.1.14
πŸ“¦
Trihedral

Vtscada

= 11.1.15
πŸ“¦
Trihedral

Vtscada

= 11.1.16
πŸ“¦
Trihedral

Vtscada

= 11.1.17
πŸ“¦
Trihedral

Vtscada

= 11.1.18
πŸ“¦
Trihedral

Vtscada

= 11.1.19
πŸ“¦
Trihedral

Vtscada

= 11.1.20
πŸ“¦
Trihedral

Vtscada

= 11.1.21
πŸ“¦
Trihedral

Vtscada

= 11.1.22
πŸ“¦
Trihedral

Vtscada

= 11.1.24
πŸ“¦
Trihedral

Vtscada

= 10.0.11
πŸ“¦
Trihedral

Vtscada

= 10.0.13
πŸ“¦
Trihedral

Vtscada

= 10.0.14
πŸ“¦
Trihedral

Vtscada

= 10.0.16
πŸ“¦
Trihedral

Vtscada

= 10.0.17

References & Advisories

πŸ”— http://www.securityfocus.com/bid/91077
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-16-403
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-16-159-01
πŸ”— http://www.securityfocus.com/bid/91077
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-16-403
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSA-16-159-01

Related Vulnerabilities

CVE-2016-45109.1

The WAP interface in Trihedral VTScada (formerly VTS) 8.x through 11.x before 11.2.02 allows remote attackers to bypass authentica...

CVE-2014-91927.8

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x befo...

CVE-2017-140297.8

An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute speciall...

CVE-2017-140317.8

An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administrator user has privil...