Lutron Quantum BACnet Integration 2.0 Firmware 3.2.243 - User Authentication Bypass and Internal Network Information Disclosure Vulnerability
CVE-2018-8880 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure.
Learn more about our Internal Network Penetration Testing.