Vulnerabilities > ABB > Srea 01 Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-05-24 CVE-2017-9664 Path Traversal vulnerability in ABB Srea-01 Firmware and Srea-50 Firmware
In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP request which refers to files using ../../ relative paths.
network
low complexity
abb CWE-22
critical
9.8