CVE-2019-18867

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:blaauwproducts:remote_kiln_control:*:*:*:*:*:*:*:*
cpe:2.3:a:blaauwproducts:remote_kiln_control:3.0.0:-:*:*:*:*:*:*
cpe:2.3:a:blaauwproducts:remote_kiln_control:3.0.0:v4:*:*:*:*:*:*

History

No history.

Information

Published : 2020-05-07 13:15

Updated : 2024-02-04 21:00


NVD link : CVE-2019-18867

Mitre link : CVE-2019-18867

CVE.ORG link : CVE-2019-18867


JSON object : View

Products Affected

blaauwproducts

  • remote_kiln_control
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor