InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24765
Reference (s):
- https://github.com/trump88/CVE-2020-24765