CVE-2021-38612

Name of the Vulnerable Software and Affected Versions NASCENT RemKon Device Manager version 4.0.0.0

Description A Directory Traversal issue exists in the log-reading function in maintenance/readLog.php, allowing an attacker to read any file via a specialized URL.

Recommendations For NASCENT RemKon Device Manager version 4.0.0.0, consider restricting access to the maintenance/readLog.php function until a patch is available. As a temporary workaround, avoid using the vulnerable log-reading function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.