The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware prior to 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote malicious users to obtain sensitive setup and configuration information via a direct request.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
schneider-electric etg3000_factorycast_hmi_gateway_firmware 1.60.2 |
||
schneider-electric tsxetg3000 - |
||
schneider-electric tsxetg3010 - |
||
schneider-electric tsxetg3021 - |
||
schneider-electric tsxetg3022 - |
Vulmon