Unauthenticated File Download Vulnerability in Moxa AWK-3121 1.14 Devices

Unauthenticated File Download Vulnerability in Moxa AWK-3121 1.14 Devices

CVE-2018-10691 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log (the system log). However, the same functionality allows an attacker to download the file without any authentication or authorization.

Learn more about our Web Application Penetration Testing UK.