PT-2022-13639 · Unknown · Tem Flex-1085+1
Mrempy
·
Published
2022-03-29
·
Updated
2023-06-27
·
CVE-2022-1077
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
TEM FLEX-1080 and FLEX-1085 version 1.6.0
Description
A vulnerability was found in the Log Handler component, specifically in the log.cgi. It allows for information disclosure of hardware information through a direct request. The attack can be initiated remotely without requiring any form of authentication.
Recommendations
For TEM FLEX-1080 and FLEX-1085 version 1.6.0, consider restricting access to the log.cgi component of the Log Handler to minimize the risk of exploitation.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tem Flex-1080
Tem Flex-1085