Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234).
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NBlaauwproducts Remote Kiln Control
APPBlaauwproducts3.0.0≤ 3.0.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2019-18869CRITICAL9.8ten sam produkt
Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code ...
CVE-2019-18868CRITICAL9.8ten sam produkt
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in c...
CVE-2019-18867HIGH7.5ten sam produkt
Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive f...
CVE-2019-18871HIGH8.8ten sam produkt
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an...
CVE-2019-18866HIGH7.5ten sam produkt
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3...