The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rockwellautomation 1734-aentr_point_i\\/o_dual_port_network_adaptor_series_b_firmware |
||
rockwellautomation 1734-aentr_point_i\\/o_dual_port_network_adaptor_series_c_firmware 6.011 |
||
rockwellautomation 1734-aentr_point_i\\/o_dual_port_network_adaptor_series_c_firmware 6.012 |