Vulnerability Warning | X2Modbus Gateway Information Disclosure Vulnerability

0x00 Vulnerability ID

  • None

0x01 Danger Level

  • Medium

0x02 Vulnerability Overview

X2Modbus is a Modbus protocol conversion gateway that allows users to configure it according to the communication protocol of field devices, converting it to the standard Modbus protocol.

Vulnerability Warning | X2Modbus Gateway Information Disclosure Vulnerability0x03 Vulnerability DetailsVulnerability Type:Information DisclosureImpact:Exposure of sensitive informationSummary:The /soap/GetConfig interface of the X2Modbus gateway has an information disclosure vulnerability, allowing unauthenticated attackers to obtain a large amount of sensitive information, including database usernames, passwords, ports, etc.0x04 Affected Versions

  • X2Modbus Gateway

0x05 POC Status

  • Publicly disclosed

0x06 Fix Recommendations

Currently, the official has released a patched version for the vulnerability, and it is recommended that users upgrade to the secure version:http://bacnetchina.com/

Leave a Comment