Critical severity9.4NVD Advisory· Published May 14, 2016· Updated Jun 17, 2026
CVE-2016-2296
CVE-2016-2296
Description
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:meteocontrol:web\'log_basic_100:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:meteocontrol:web\'log_basic_100:-:*:*:*:*:*:*:*
- (no CPE)
cpe:2.3:a:meteocontrol:web\'log_light:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:meteocontrol:web\'log_light:-:*:*:*:*:*:*:*
- (no CPE)
cpe:2.3:a:meteocontrol:web\'log_pro:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:meteocontrol:web\'log_pro:-:*:*:*:*:*:*:*
- cpe:2.3:a:meteocontrol:web\'log_pro_unlimited:-:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- ics-cert.us-cert.gov/advisories/ICSA-16-133-01nvdThird Party AdvisoryUS Government Resource
- seclists.org/fulldisclosure/2016/May/52nvd
- www.exploit-db.com/exploits/39822/nvd
News mentions
0No linked articles in our index yet.