CVE-2017-5163

An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. After an administrator downloads a configuration file, a copy of the configuration file, which includes hashes of user passwords, is saved to a location that is accessible without authentication by path traversal.
Path Traversal
Severity
MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Atk. Vector
NETWORK
Atk. Complexity
HIGH
Priv. Required
NONE