Hidden Virtual Path and File Name Disclosure Vulnerability in Telit Cinterion Modems

Hidden Virtual Path and File Name Disclosure Vulnerability in Telit Cinterion Modems

CVE-2023-47614 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual paths and file names on the targeted system.

Learn more about our Web Application Penetration Testing UK.