VYPR

IDAL

by Abb

CVEs (1)

  • CVE-2019-7226HigJun 27, 2019
    risk 0.58cvss 8.8epss 0.05

    The ABB IDAL HTTP server CGI interface contains a URL that allows an unauthenticated attacker to bypass authentication and gain access to privileged functions. Specifically, /cgi/loginDefaultUser creates a session in an authenticated state and returns the session ID along with…