Описание
TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access.
Ссылки
EPSS
Процентиль: 57%
0.00355
Низкий
Дефекты
CWE-538
Связанные уязвимости
github
3 месяца назад
TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access.
EPSS
Процентиль: 57%
0.00355
Низкий
Дефекты
CWE-538