Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Disclosure of Sensitive Information on Campbell Scientific Products
Vulnerability Description
Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. From factory defaults, the mentioned datalogges have HTTP and PakBus enabled. The devices, with the default configuration, allow this situation via the PakBus port. The exploitation of this vulnerability may allow an attacker to download, modify, and upload new configuration files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Campbell Scientific dataloggers 信息泄露漏洞
Vulnerability Description
Campbell Scientific dataloggers CR Series是Campbell Scientific公司的一系列科学数据记录器。 Campbell Scientific dataloggers存在安全漏洞,该漏洞源于其允许攻击者下载配置文件,其中可能包含有关内部网络的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A