The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-02-24T18:26:56.514398Z

Updated: 2024-09-17T04:14:38.489Z

Reserved: 2020-06-19T00:00:00

Link: CVE-2020-14504

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-02-24T19:15:08.943

Modified: 2022-07-25T10:25:02.580

Link: CVE-2020-14504

cve-icon Redhat

No data.