Unauthenticated Access to Modbus Registers in PR100088 Modbus Gateway

Unauthenticated Access to Modbus Registers in PR100088 Modbus Gateway

CVE-2019-6533 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

Learn more about our Web App Pen Testing.