CVE-2014-8329
Schrack Technik microControl Firmware < 1.7.0 - Unauthenticated Sensitive Information Exposure via ZTPUsrDtls.txt
Title source: llmDescription
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain access data for the ftp and telnet services via a direct request for ZTPUsrDtls.txt.
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jul/40
Scores
EPSS
0.0209
EPSS Percentile
79.3%
Details
CWE
CWE-287
Status
published
Products (2)
schrack/technik_microcontrol
schrack/technik_microcontrol_firmware
< 1.7.0
Published
Oct 20, 2014
Tracked Since
Feb 18, 2026