Unauthenticated File Access Vulnerability in Eaton xComfort ECI Versions 1.07 and Prior

Unauthenticated File Access Vulnerability in Eaton xComfort ECI Versions 1.07 and Prior

CVE-2016-9368 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. By accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access files without authenticating.

Learn more about our Web App Pen Testing.