Описание
The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-49188
- https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
- https://sick.com/psirt
- https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
- https://www.first.org/cvss/calculator/3.1
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json
- https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf
Связанные уязвимости
CVSS3: 5.3
nvd
8 месяцев назад
The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering.