Unauthenticated Access to Internal Information in ABB VSN300 WiFi Logger Card

Unauthenticated Access to Internal Information in ABB VSN300 WiFi Logger Card

CVE-2017-7920 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating.

Learn more about our Web App Pen Testing.