Vulnerability Details CVE-2016-9368
An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07 and prior. By accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access files without authenticating.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2016-9368
-
cpe:2.3:a:eaton:xcomfort_ethernet_communication_interface:1.07