Back to CVE List

CVE-2021-4471

Vulnerability Description

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access.

Vulnerability Details

Published Date
Last Modified
Source
NVD

Discussion (0)

Add Comment

No comments yet. Be the first!