Vulnerabilities > CVE-2024-26263 - Unspecified vulnerability in Ebmtech Risweb

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ebmtech

NVD

Published: 2024-02-15

Updated: 2025-01-23

Summary

EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing attackers to browse specific pages and query sensitive data without login.

Vulnerable Configurations

Part	Description	Count
Application	Ebmtech Ebmtech Risweb *	1

References

https://www.twcert.org.tw/tw/cp-132-7676-9418d-1.html
https://www.twcert.org.tw/tw/cp-132-7676-9418d-1.html