Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2014-10-20 15:55
Updated : 2024-02-28 12:20
NVD link : CVE-2014-8329
Mitre link : CVE-2014-8329
CVE.ORG link : CVE-2014-8329
JSON object : View
Products Affected
schrack
- technik_microcontrol_firmware
- technik_microcontrol
CWE
CWE-287
Improper Authentication