iniNet SpiderControl SCADA Web Server 2.02 Local Privilege Escalation

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The web server running on the remote host is affected by a local
privilege escalation vulnerability.

Description :

According to its self-reported version, the iniNet SpiderControl SCADA
Web Server running on the remote host is version 2.02. It is,
therefore, affected by a flaw due to setting insecure permissions on
the installation directory and files. A local attacker can exploit
this to replace files, resulting in an escalation of privileges.

See also :

http://www.nessus.org/u?8afd0fa6
http://www.nessus.org/u?e0791ed1
http://www.nessus.org/u?0f97c9ea

Solution :

No fix currently exists. Contact the vendor regarding a patch.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: SCADA

Nessus Plugin ID: 88416 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now