CVE-2018-16060

Опубликовано: 15 окт. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

Mitsubishi Electric Europe B.V. SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.

Ссылки

http://packetstormsecurity.com/files/164538/Mitsubishi-Electric-INEA-SmartRTU-Source-Code-Disclosure.html
Exploit
Third Party Advisory
https://drive.google.com/open?id=1QMHwTnBbIqrTkR0NEpnTKssYdi8vRsHH
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/164538/Mitsubishi-Electric-INEA-SmartRTU-Source-Code-Disclosure.html
Exploit
Third Party Advisory
https://drive.google.com/open?id=1QMHwTnBbIqrTkR0NEpnTKssYdi8vRsHH
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:mitsubishielectric:smartrtu_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:mitsubishielectric:smartrtu:-:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.11324

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-425

Связанные уязвимости

GHSA-rw74-237r-47cj