VYPR
Unrated severityNVD Advisory· Published Jan 18, 2020· Updated Aug 4, 2024

CVE-2020-7227

CVE-2020-7227

Description

Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, backup.asp, sys-power.asp, ifaces-wls.asp, ifaces-wls-pkt.asp, and ifaces-wls-pkt-adv.asp.

Affected products

2
  • Westermo/MRD-315description
  • Wago/MRD-315llm-fuzzy
    Range: =1.7.3,=1.7.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.