Missing Authentication in LS ELECTRIC XBC-DN32U OS 01.80 Allows Arbitrary File Deletion

CVE-2023-0102 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker to delete arbitrary files.

Learn more about our Web Application Penetration Testing UK.