A security vulnerability has been detected in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Affected is the function deletefile of the component FsBrowseClean. The manipulation of the argument dir/path leads to missing authorization. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
A missing authorization vulnerability exists in Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30 in the FsBrowseClean component's deletefile function, allowing remote attackers to delete files without proper authentication. The vulnerability has been publicly disclosed with no vendor response or patch available.
يوجد ثغرة في التحقق من الصلاحيات في جهاز Technostrobe HI-LED-WR120-G2 الإصدار 5.5.0.1R6.03.30 في مكون FsBrowseClean، حيث تسمح دالة deletefile بحذف الملفات دون التحقق من هوية المستخدم. يمكن استغلال هذه الثغرة عن بعد وقد تم الكشف عنها علناً دون استجابة من الشركة المصنعة.
A missing authorization vulnerability exists in Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30 in the FsBrowseClean component's deletefile function, allowing remote attackers to delete files without proper authentication. The vulnerability has been publicly disclosed with no vendor response or patch available.
Immediately isolate affected Technostrobe HI-LED-WR120-G2 devices from network access until a security patch is released. Implement network segmentation and access controls to restrict remote connections to the device. Monitor for unauthorized file deletion activities and consider replacing the device with alternative solutions from vendors with active security support.
عزل أجهزة Technostrobe HI-LED-WR120-G2 المتأثرة عن الوصول إلى الشبكة فوراً حتى يتم إصدار تصحيح أمني. تطبيق تقسيم الشبكة والتحكم في الوصول لتقييد الاتصالات البعيدة بالجهاز. مراقبة أنشطة حذف الملفات غير المصرح بها والنظر في استبدال الجهاز بحلول بديلة من بائعي لديهم دعم أمني نشط.