CVE-2017-17759

Name of the Vulnerable Software and Affected Versions Conarc iChannel versions (affected versions not specified)

Description The issue is related to inadequate access control in the Conarc iChannel customer relationship management system. It allows a remote attacker to obtain sensitive information, modify the configuration, or cause a denial of service by deleting the configuration. This can be achieved through a request to the "wc.dll?wwMaint~EditConfig" endpoint, which interacts with an older version of the West Wind Web Connection HTTP service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.