Saket-Taneja

**Name of the Vulnerable Software and Affected Versions** Maipu MP1800X-50 version 7.5.3.14(R) **Description** The issue is related to insufficient access control in the web interface of the Maipu MP1800X-50 device. This allows a remote attacker to obtain sensitive information. The affected URI is "form/formDeviceVerGet", which can disclose details such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime. **Recommendations** For version 7.5.3.14(R), consider restricting access to the "form/formDeviceVerGet" URI to minimize the risk of exploitation. Additionally, limit the disclosure of sensitive information through the web interface until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.