SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for web browsing has the problem that information is exchanged in unencrypted text. Since sensitive data such as credentials are exchanged, an attacker could obtain them and log in legitimately.
oryginał ENCVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XArteche Satech Bcu
HWArtechewszystkie wersjeArteche Satech Bcu Firmware
OSArteche2.1.3
Powiązane podatności
Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CL...
An attacker with network access, could capture traffic and obtain user cookies, allowing the attacker to steal...
SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information about the cre...
SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with acc...
Cross-site request forgery (CSRF) vulnerability in the web application of saTECH BCU firmware version 2.1.3, w...