602Pro LAN SUITE Web Mail Login Form Installation Path Disclosure
Remote / Network Access
Loss of Confidentiality
LAN SUITE Web Mail contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker views a hidden parameter within the 'login' form occurs, which will disclose the installation path to a remote attacker.
Upgrade to build 2004.0.04.0303 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.