Unauthorized Access to Configuration Files in ZXR10 1800-2S (v3.00.40 and earlier)

Unauthorized Access to Configuration Files in ZXR10 1800-2S (v3.00.40 and earlier)

CVE-2017-10930 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information like administrator accounts and passwords.

Learn more about our User Device Pen Test.