VYPR

MACH-ProWebCom

by Reliable Controls

CVEs (2)

  • CVE-2018-12594HigJun 20, 2018
    risk 0.49cvss 7.5epss 0.01

    Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Password field.

  • CVE-2019-18249MedDec 24, 2019
    risk 0.40cvss 6.1epss 0.01

    Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firmware versions prior to 8.26.4), may allow attacker to execute commands on behalf of the user when an authenticated user clicks on a malicious link.