HIGH🇵🇱 Wersja polska

CVE-2018-13789

CVSS 7.5v3.0pub. 2018-10-10upd. 2024-11-21

An issue was discovered in Descor Infocad FM before 3.1.0.0. An unauthenticated web service allows the retrieval of files on the web server and on reachable SMB servers.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Descor Infocad Fm

    APP
    Descor
    < 3.1.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2025-26852CRITICAL10.0PL ✓ten sam vendor

SQL Injection w Descor Infocad — nieautoryzowany pełny dostęp do systemu

CVE-2025-26853CRITICAL10.0PL ✓ten sam vendor

Descor Infocad — złamany schemat autoryzacji (CVSS 10.0)