Improper Access Restriction in Beckhoff IPC Diagnostics before 1.8
CVE-2015-4051 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:C
Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users, or possibly have unspecified other impact via a crafted request, as demonstrated by a beckhoff.com:service:cxconfig:1#Write SOAP action to /upnpisapi.
Learn more about our Api Penetration Testing.