PostalBlab/Vulnerabilities

Releases0

Vulnerabilities

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-45911 ↗	Oct 18, 2023Wednesday, 18 October 2023, 18:15	9.8 CRITICAL	—
An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers to login as any user without a password.
CVE-2023-45912 ↗	Oct 18, 2023Wednesday, 18 October 2023, 18:15	7.5 HIGH	—
WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.