Access Control Bypass in Carlo Gavazzi VMU-C EM and VMU-C PV

Access Control Bypass in Carlo Gavazzi VMU-C EM and VMU-C PV

CVE-2017-5144 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. The access control flaw allows access to most application functions without authentication.

Learn more about our Web Application Penetration Testing UK.