FTP-based Retrieval of Plain-Text Credentials in PR100088 Modbus Gateway

FTP-based Retrieval of Plain-Text Credentials in PR100088 Modbus Gateway

CVE-2019-6549 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP.

Learn more about our Web Application Penetration Testing UK.