PT-2023-27962 · Frauscher Sensortechnik Gmbh · Fds101

Published: 2023-09-20 · Updated: 2023-09-23 · CVE-2023-4152

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi versions 1.4.24 and all previous versions

Description: The issue allows a remote attacker to read all files on the filesystem of the FDS101 device by exploiting a path traversal vulnerability of the web interface using a crafted URL without authentication.

Recommendations: For versions 1.4.24 and all previous versions, consider disabling access to the web interface until a patch is available. Restrict access to the filesystem to minimize the risk of exploitation. Avoid using crafted URLs that could trigger the path traversal vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Path traversal

Related Identifiers: CVE-2023-4152

Affected Products: Fds101