CVE-2017-7909

Name of the Vulnerable Software and Affected Versions Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior

Description A Use of Client-Side Authentication issue was discovered in the web interface, which uses JavaScript to check client authentication and redirect unauthorized users. This allows attackers to intercept requests and bypass authentication, accessing restricted web pages.

Recommendations For Advantech B+B SmartWorx MESR901 firmware versions 1.5.2 and prior, consider disabling JavaScript authentication in the web interface as a temporary workaround until a patch is available. Restrict access to restricted web pages to minimize the risk of exploitation.