Path Traversal in Smart Hmi Webiq

CVE-2024-8752

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.911 (99.7th percentile) — read the EPSS interpretation.

Affected products

Smart Hmi Webiq — versions 2.15.19

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

www.tenable.com/security/research/tra-2024-38

Frequently asked questions

What is CVE-2024-8752?: CVE-2024-8752 is a vulnerability in Smart Hmi Webiq, classified under Path Traversal. Published 2024-09-16.
Is CVE-2024-8752 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.