Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CVE-2021-23858, this allows an attacker to subsequently login to the system.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HBosch Rexroth Indramotion Mlc L20
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L20 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc L25
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L25 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc L40
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L40 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc L45
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L45 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc L65
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L65 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc L75
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L75 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc L85
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc L85 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc Xm21
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc Xm21 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc Xm22
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc Xm22 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc Xm41
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc Xm41 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Mlc Xm42
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc Xm42 Firmware
OSBosch≤ 12Bosch Rexroth Indramotion Xlc
HWBoschwszystkie wersjeBosch Rexroth Indramotion Xlc Firmware
OSBosch≤ 12
Powiązane podatności
The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a ...
The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a ...
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an u...
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker t...
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of...