CVE-2010-4730

Name of the Vulnerable Software and Affected Versions WebSCADA WS100 and WS200 versions (affected versions not specified) Easy Connect EC150 versions (affected versions not specified) Modbus RTU - TCP Gateway MB100 versions (affected versions not specified) Serial Ethernet Server SS100 versions (affected versions not specified) IntelliCom NetBiter NB100 and NB200 platforms versions (affected versions not specified)

Description A directory traversal issue exists in the cgi-bin/read.cgi file, allowing remote authenticated administrators to read arbitrary files by using a .. (dot dot) in the page parameter.

Recommendations For WebSCADA WS100 and WS200, restrict access to the cgi-bin/read.cgi file until a fix is available. For Easy Connect EC150, consider disabling the read.cgi functionality to prevent exploitation. For Modbus RTU - TCP Gateway MB100, avoid using the page parameter in the cgi-bin/read.cgi file until the issue is resolved. For Serial Ethernet Server SS100, limit access to the cgi-bin directory to minimize the risk of exploitation. For IntelliCom NetBiter NB100 and NB200 platforms, as a temporary workaround, consider restricting access to the read.cgi file until a patch is available.