What is the severity of CVE-2015-0984?

CVE-2015-0984 is classified as a high-severity vulnerability due to the potential for remote code execution.

How do I fix CVE-2015-0984?

To fix CVE-2015-0984, upgrade the affected Honeywell Excel Web devices to version 2.04.01 or later.

What types of devices are affected by CVE-2015-0984?

CVE-2015-0984 affects various Honeywell Excel Web XL1000 controllers, including models with different I/O configurations.

What is the nature of the vulnerability in CVE-2015-0984?

CVE-2015-0984 is a directory traversal vulnerability in the FTP server that allows unauthorized access to restricted files.

Can CVE-2015-0984 be exploited remotely?

Yes, CVE-2015-0984 can be exploited remotely, allowing attackers to potentially gain unauthorized access to system files.

Vulnerability/
CVE-2015-0984

critical

CWE

31/3/2015

6/8/2024

CVE-2015-0984: Path Traversal

First published: Tue Mar 31 2015(Updated: )

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows remote attackers to read files under the web root, and consequently obtain administrative login access, via a crafted pathname.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Honeywell Excel Web XL 1000C100	<=2.04.00
Honeywell Excel Web Xl 1000c1000 600 I/o	<=2.04.00
Honeywell Excel Web XL 1000C1000 600 I/O Uukl	<=2.04.00
Honeywell Excel Web Xl 1000c100u 104 I/o Uukl	<=2.04.00
Honeywell Excel Web XL 1000C50 52 I/O	<=2.04.00
Honeywell Excel Web XL 1000C500 300 I/O	<=2.04.00
Honeywell Excel Web Xl 1000c500 300 I/o Uukl	<=2.04.00
Honeywell Excel Web Xl 1000c50u 52 I/o Uukl	<=2.04.00

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-0984?
CVE-2015-0984 is classified as a high-severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2015-0984?
To fix CVE-2015-0984, upgrade the affected Honeywell Excel Web devices to version 2.04.01 or later.
What types of devices are affected by CVE-2015-0984?
CVE-2015-0984 affects various Honeywell Excel Web XL1000 controllers, including models with different I/O configurations.
What is the nature of the vulnerability in CVE-2015-0984?
CVE-2015-0984 is a directory traversal vulnerability in the FTP server that allows unauthorized access to restricted files.
Can CVE-2015-0984 be exploited remotely?
Yes, CVE-2015-0984 can be exploited remotely, allowing attackers to potentially gain unauthorized access to system files.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/severity
agent/last-modified-date
agent/author
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/honeywell
canonical/honeywell excel web xl 1000c100
version/honeywell excel web xl 1000c100/2.04.00
canonical/honeywell excel web xl 1000c1000 600 i/o
version/honeywell excel web xl 1000c1000 600 i/o/2.04.00
canonical/honeywell excel web xl 1000c1000 600 i/o uukl
version/honeywell excel web xl 1000c1000 600 i/o uukl/2.04.00
canonical/honeywell excel web xl 1000c100u 104 i/o uukl
version/honeywell excel web xl 1000c100u 104 i/o uukl/2.04.00
canonical/honeywell excel web xl 1000c50 52 i/o
version/honeywell excel web xl 1000c50 52 i/o/2.04.00
canonical/honeywell excel web xl 1000c500 300 i/o
version/honeywell excel web xl 1000c500 300 i/o/2.04.00
canonical/honeywell excel web xl 1000c500 300 i/o uukl
version/honeywell excel web xl 1000c500 300 i/o uukl/2.04.00
canonical/honeywell excel web xl 1000c50u 52 i/o uukl
version/honeywell excel web xl 1000c50u 52 i/o uukl/2.04.00