Skip to main content

Infoscan

3 CVEs product

Monthly

CVE-2024-42493 MEDIUM This Month

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Infoscan
NVD
CVSS 4.0
6.9
EPSS
0.3%
CVE-2024-42408 MEDIUM This Month

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Infoscan
NVD
CVSS 4.0
6.9
EPSS
0.4%
CVE-2024-39287 MEDIUM This Month

Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Infoscan
NVD
CVSS 4.0
6.9
EPSS
0.3%
EPSS 0% CVSS 6.9
MEDIUM This Month

Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Infoscan
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Infoscan
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Infoscan
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy