Unauthenticated Access to Internal Configuration Database in SITEL CAP/PRX Firmware 5.2.01

Unauthenticated Access to Internal Configuration Database in SITEL CAP/PRX Firmware 5.2.01

CVE-2021-32453 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the device´s configuration.

Learn more about our Internal Network Penetration Testing.