Iconics : Security Vulnerabilities, CVEs, (Directory traversal)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user import a project package file crafted by the attacker.
Max CVSS
7.1
EPSS Score
0.07%
Published
2022-12-14
Updated
2022-12-16
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS GENESIS64 versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 mobile monitoring application and accessing the monitoring screen.
Max CVSS
7.5
EPSS Score
0.19%
Published
2022-07-20
Updated
2022-07-27
Directory traversal vulnerability in ICONICS WebHMI 9 and earlier allows remote attackers to read configuration files, and consequently discover password hashes, via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.34%
Published
2016-04-01
Updated
2016-04-04
3 vulnerabilities found