CVE-2015-0984
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows remote attackers to read files under the web root, and consequently obtain administrative login access, via a crafted pathname.
Affected Platforms (CPE)
💻
Honeywell
Excel Web Xl 1000c100 104 I\/o
<= 2.04.00💻
Honeywell
Excel Web Xl 1000c1000 600 I\/o
<= 2.04.00💻
Honeywell
Excel Web Xl 1000c1000 600 I\/o Uukl
<= 2.04.00💻
Honeywell
Excel Web Xl 1000c100u 104 I\/o Uukl
<= 2.04.00💻
Honeywell
Excel Web Xl 1000c50 52 I\/o
<= 2.04.00💻
Honeywell
Excel Web Xl 1000c500 300 I\/o
<= 2.04.00💻
Honeywell
Excel Web Xl 1000c500 300 I\/o Uukl
<= 2.04.00💻
Honeywell