CVE-2018-10729

Name of the Vulnerable Software and Affected Versions Phoenix Contact FL SWITCH versions 1.0 through 1.33

Description The issue is related to insufficient security mechanisms in the CGI applications of the firmware, allowing a remote attacker to access the contents of configuration files. An unauthenticated user can read the configuration file.

Recommendations For versions 1.0 through 1.33, restrict access to the configuration file to prevent unauthorized reading until a patch is available. Consider implementing additional security measures to protect the configuration files from unauthorized access.