Unauthenticated Remote Access to Web Configuration Data in IP-AK2 Access Control Panel

Unauthenticated Remote Access to Web Configuration Data in IP-AK2 Access Control Panel

CVE-2019-13525 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.

Learn more about our Web App Pen Testing.