Dorsettcontrols Security Vulnerabilities

CVE-2024-39287

Dorsett Controls Central Server update server has potential informationleaks with an unprotected file that contains passwords and API keys.

CVE-2024-42408

The InfoScan client download page can be intercepted with a proxy, toexpose filenames located on the system, which could lead to additionalinformation exposure.

CVE-2024-42493

Dorsett Controls InfoScan is vulnerable due to a leak of possiblesensitive information through the response headers and the renderedJavaScript prior to user login.