Primary

Context

Endress+Hauser MEAC300-FNADE4 Apache Directory Listing Vulnerability

Vulnerability

Patched

A vulnerability has been identified in the Endress+Hauser MEAC300-FNADE4 web application, which is served by an Apache httpd web server with an insecure configuration. The server has unnecessary modules activated that can be exploited to enable directory listing, potentially exposing sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized directory listing, allowing attackers to view files and directories that should not be accessible.

Remediation

Customers are strongly advised to update to the newest version of the MEAC300-FNADE4. General security practices should also be applied to minimize network exposure and restrict access to the device.

Added: Jul 3, 2025, 1:33 PM

Updated: Jul 3, 2025, 3:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Endress+Hauser MEAC300-FNADE4 Apache Directory Listing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Endress+Hauser MEAC300-FNADE4

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating