Unauthenticated Access to Configuration Files and Application Pages in ABB IP GATEWAY 3.39 and Prior

Unauthenticated Access to Configuration Files and Application Pages in ABB IP GATEWAY 3.39 and Prior

CVE-2017-7931 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication.

Learn more about our Web App Pen Testing.