Design/Logic Flaw

2020-05-0713:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.1%

JSON

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/.

CPENameOperatorVersion
remote_kiln_controleq3.0.0 v4
remote_kiln_controleq3.0.0
remote_kiln_controllt3.0.0

Name	Operator	Version
remote_kiln_control	eq	3.0.0 v4
remote_kiln_control	eq	3.0.0
remote_kiln_control	lt	3.0.0

References

github.com/lodestone-security/CVEs/blob/master/remote_kiln_control/an_unfortunate_kilnundrum.md