CyberSec.Space Logo
CVEブラウザに戻る

CVE-2013-1627

HIGH
7.8
CVSS Severity Score
EPSS Score0.0960%
EPSS Percentile32.33th
Published2013年3月11日
Last Modified2026年4月29日

Vulnerability Description

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.

Affected Platforms (CPE)

📦
Advantech

Advantech Studio

= 6.1
📦
Advantech

Advantech Studio

= 6.1
📦
Indusoft

Web Studio

= 6.1
📦
Indusoft

Web Studio

= 6.1
📦
Indusoft

Web Studio

= 7.0
📦
Indusoft

Web Studio

= 7.0b2

References & Advisories

🔗 http://ics-cert.us-cert.gov/pdf/ICSA-13-067-01.pdf
🔗 http://ics-cert.us-cert.gov/pdf/ICSA-13-067-01.pdf

関連する脆弱性情報

CVE-2011-048810.0

Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio...

CVE-2011-03409.3

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual mac...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...