Security Advisory

CVE-2025-2860

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-28 13:10:44

Last updated 2025-03-28 13:37:58

Assigner INCIBE

State PUBLISHED

Description

SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information about the credentials that users have within the web (.xml file). In order to exploit this vulnerability, the attacker must know the path, regardless of the users privileges on the website.

← Browse all CVEs View on cve.org ↗