CVE-2017-16787

Published: Dec 15, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.

Affected (1)

Products: Meinbergglobal: Lantime Firmware

Meinbergglobal

1 product

Lantime Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meinbergglobal Lantime Firmware	Before 6.24.004

Running on/with	Platform Versions
Meinbergglobal Lantime	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://seclists.org/fulldisclosure/2017/Dec/33

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://www.exploit-db.com/exploits/43332/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2017/Dec/33

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://www.exploit-db.com/exploits/43332/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.