Loading
The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request.
Use CWE-200, Trane vendor hub and Tracer Sc product page to widen CVE-2016-0870 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-38450, CVE-2026-28252 and CVE-2026-28253 for nearby disclosures in the same product family.