Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allows remote attackers to hijack the authentication of unspecified victims for requests that disclose the contents of a configuration file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmc_controls | bac-5051e_firmware | * |
KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allow remote attackers to bypass intended access restrictions and read a configuration file via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-284,CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| kmc_controls | bac-5051e_firmware | - |