CVE-2023-2880

Name of the Vulnerable Software and Affected Versions Frauscher Sensortechnik GmbH FDS001 for FAdC/FAdCi versions 1.3.3 and earlier

Description The issue allows a remote attacker to read all files on the filesystem of the FDS001 device through a path traversal vulnerability of the web interface. This can be achieved by a crafted URL without authentication.

Recommendations For versions 1.3.3 and earlier, as a temporary workaround, consider restricting access to the web interface until a patch is available. Avoid using crafted URLs that could exploit the path traversal vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.