Unauthenticated Remote Access to Web Configuration Data in IP-AK2 Access Control Panel
CVE-2019-13525 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.
Learn more about our Web App Pen Testing.