GCVE - cpe:2.3:a:carrier:automatedlogic_webctrl:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:carrier:automatedlogic_webctrl:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Carrier (`4f192991-d852-5560-a7e4-614ce7fd9279`)
Product	Automatedlogic Webctrl (`fb78fe96-34ae-54ad-8e30-7ba19609a545`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-9650`	vulnerable	2026-06-03 14:37:42.022127	Details available An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to upload a malicious file allowing the execution of arbitrary code. Published: 2017-08-25T19:00:00.000Z Updated: 2024-08-05T17:18:00.314Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/100452 https://www.exploit-db.com/exploits/42544/ https://ics-cert.us-cert.gov/advisories/ICSA-17-234-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9644`	vulnerable	2026-06-03 14:37:41.992959	Details available An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An unquoted search path vulnerability may allow a non-privileged local attacker to change files in the installation directory and execute arbitrary code with elevated privileges. Published: 2017-08-25T19:00:00.000Z Updated: 2024-08-05T17:11:02.361Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/100454 https://ics-cert.us-cert.gov/advisories/ICSA-17-234-01 https://www.exploit-db.com/exploits/42542/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9640`	vulnerable	2026-06-03 14:37:41.991450	Details available A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software. Published: 2017-08-25T19:00:00.000Z Updated: 2024-08-05T17:11:02.350Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/100452 https://www.exploit-db.com/exploits/42543/ https://ics-cert.us-cert.gov/advisories/ICSA-17-234-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-5795`	vulnerable	2026-06-03 14:35:55.929329	Details available An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or connected network. Published: 2017-08-31T21:00:00.000Z Updated: 2024-08-06T01:15:10.788Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/100558 https://ics-cert.us-cert.gov/advisories/ICSA-17-150-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.