Insecure Access Control in Advantech/B+B SmartWorx VESP211-EU and VESP211-232 Devices
CVE-2016-2275 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote attackers to perform administrative actions via modified JavaScript code.
Learn more about our Web App Pen Testing.