The web administration server in Solar-Log 500 prior to 2.8.2 Build 52 does not require authentication, which allows remote malicious users to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bkw solar-log_500_firmware |
||
bkw solar-log_500_firmware 2.8.2 |