Unauthenticated File Read and Directory Listing Vulnerability in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723

Unauthenticated File Read and Directory Listing Vulnerability in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723

CVE-2023-45912 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.

Learn more about our User Device Pen Test.