RouterCVE

CVE-2009-0700

NONE
CVSS v3
4.0CVSS v2
3.86% EPSS (exploit probability)
CWE-264CWE

Description

Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp.

Affected routers (1)

VendorModelMatched viaAffected versionsFixed inPatch?
Ubiquiti Ubiquiti EdgeRouter 4 No

External references