NVD

Id
35419  
Name
CVE-2014-8329  
Description
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-10-20  
Modified Date
2014-10-22  
Seq
2014-8329  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
181583 35419 CVE-2014-8329 20140710 SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system  View
181584 35419 CVE-2014-8329 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
16142 JVNDB-2014-005017 Schrack Technik microControl のファームウェアにおけるアクセスデータを取得される脆弱性 Schrack Technik microControl のファームウェアは、アクセスコントロールが不十分な Web ルート配下に重要な情報を格納するため、ftp および telnet サービス用アクセスデータを取得される脆弱性が存在します。 CVE-2014-8329 75622 CVE-2014-8329 35419 10 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005017.html 2014-07-10 2014-10-27 View