WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 fails to validate user sessions, allowing unauthenticated attackers to read files from the underlying operating system and obtain directory listings.
https://github.com/PostalBlab/Vulnerabilities/blob/main/ComScale/file_access.txt