CVE-2019-9201

Name of the Vulnerable Software and Affected Versions ILC 1x0 versions (affected versions not specified) ILC 1x1 versions (affected versions not specified) ILC 1x1 GSM/GPRS versions (affected versions not specified) ILC 3xx versions (affected versions not specified) AXC 1050 versions (affected versions not specified) AXC 1050 XC versions (affected versions not specified) AXC 3050 versions (affected versions not specified) RFC 480S PN 4TX versions (affected versions not specified) RFC 470 PN 3TX versions (affected versions not specified) RFC 470S PN 3TX versions (affected versions not specified) RFC 460R PN 3TX versions (affected versions not specified) RFC 460R PN 3TX-S versions (affected versions not specified) RFC 430 ETH-IB versions (affected versions not specified) RFC 450 ETH-IB versions (affected versions not specified) PC WORX SRT versions (affected versions not specified) PC WORX RT BASIC versions (affected versions not specified) FC 350 PCI ETH versions (affected versions not specified)

Description The issue is related to weaknesses in the authentication procedure of the software. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information or impact the integrity of the information by establishing a TCP session on port 1962. This can be demonstrated by using the Create Backup feature to traverse all directories.

Recommendations As a temporary workaround, consider restricting access to port 1962 to minimize the risk of exploitation. Avoid using the Create Backup feature until the issue is resolved. Restrict access to sensitive information and directories to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.