2024-03-26 22:53:41
icscert
PUBLISHED
There is a function in AutomationDirect C-MORE EA9 HMI that allows an attacker to send a relative path in the URL without proper sanitizing of the content.