Unauthenticated Access to Internal Information in ABB VSN300 WiFi Logger Card
CVE-2017-7920 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating.
Learn more about our Web App Pen Testing.