CVE-2018-12594

Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Password field.

high 7.5 CVSS 3.1

Published: Jun 20, 2018

Modified: Jun 2, 2026

Versions: 7.80

Description

Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Password field.

References

https://www.seebug.org/vuldb/ssvid-97345
https://www.seebug.org/vuldb/ssvid-97345

CVSS Breakdown

Version	3.1
Score	7.5 / 10
Severity	high

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weakness (CWE)

CWE-200

Affected Product

Vendor	Reliablecontrols
Product	Mach-Prowebcom Firmware
Versions	7.80