Inadequate Authorization in smart eVision Allows Unauthorized Access to Sensitive Information
CVE-2022-39030 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
smart eVision has inadequate authorization for system information query function. An unauthenticated remote attacker, who is not explicitly authorized to access the information, can access sensitive information.
Learn more about our Web Application Penetration Testing UK.