Medium severity6.3NVD Advisory· Published Aug 25, 2017· Updated May 13, 2026

CVE-2017-9640

Description

A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to overwrite files that are used to execute code. This vulnerability does not affect version 6.5 of the software.

Affected products

Automatedlogic/I Vu
cpe:2.3:a:automatedlogic:i-vu:*:*:*:*:*:*:*:*
Range: <=5.2
Automatedlogic/Sitescan Web
cpe:2.3:a:automatedlogic:sitescan_web:*:*:*:*:*:*:*:*
Range: <=5.2
Carrier/Automatedlogic Webctrl
cpe:2.3:a:carrier:automatedlogic_webctrl:*:*:*:*:*:*:*:*
Range: <=5.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100452nvdThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSA-17-234-01nvdMitigationThird Party AdvisoryUS Government Resource
www.exploit-db.com/exploits/42543/nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.410
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000