Unrated severityNVD Advisory· Published Apr 4, 2013· Updated Jun 16, 2026
CVE-2012-4710
CVE-2012-4710
Description
Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference.
Affected products
2cpe:2.3:a:invensys:wonderware_win-xml_exporter:1522.148.0.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:invensys:wonderware_win-xml_exporter:1522.148.0.0:*:*:*:*:*:*:*
- (no CPE)range: =1522.148.0.0
Patches
Vulnerability mechanics
References
1- ics-cert.us-cert.gov/pdf/ICSA-13-067-02.pdfnvdUS Government Resource
News mentions
0No linked articles in our index yet.