Headline
CVE-2021-41291: TWCERT/CC台灣電腦網路危機處理暨協調中心-ECOA BAS controller - Path Traversal-2
ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device.