Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OT_500105.NASLHistoryNov 08, 2019 - 12:00 a.m.
Siemens Apogee Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
2019-11-0800:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
0.004 Low
EPSS
Percentile
74.1%
A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices.
File data ot_500105.nasl| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | apogee_pxc_bacnet_automation_controller_firmware | * | cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:* |
| siemens | apogee_pxc_bacnet_automation_controller | - | cpe:2.3:h:siemens:apogee_pxc_bacnet_automation_controller:-:*:*:*:*:*:*:* |
| siemens | apogee_pxc_bacnet_automation_controller_firmware | * | cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:* |
| siemens | talon_tc_bacnet_automation_controller | - | cpe:2.3:h:siemens:talon_tc_bacnet_automation_controller:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2017-9947
2017-10-23 08:29:00
nessus
nessus
prion
prion
Directory traversal
2017-10-23 08:29:00
nvd
nvd
CVE-2017-9947
2017-10-23 08:29:00
cvelist
cvelist
CVE-2017-9947
2017-10-23 00:00:00
ics
ics
Siemens BACnet Field Panels (Update A)
2022-06-16 12:00:00
zdt
zdt
Siemens APOGEE PXC / TALON TC Authentication Bypass Exploit
2022-10-28 00:00:00
packetstorm
packetstorm
Siemens APOGEE PXC / TALON TC Authentication Bypass
2022-10-28 00:00:00