CSRF Vulnerability in KMC Controls BAC-5051E Devices Allows Unauthorized Access to Configuration File

CSRF Vulnerability in KMC Controls BAC-5051E Devices Allows Unauthorized Access to Configuration File

CVE-2016-4494 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allows remote attackers to hijack the authentication of unspecified victims for requests that disclose the contents of a configuration file.

Learn more about our Web Application Penetration Testing UK.