The user and password data base is exposed by an unprotected web server resource. Passwords are hashed with a weak hashing algorithm and therefore allow an attacker to determine the password by using rainbow tables.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:NBosch Rexroth Indramotion Mlc
HWBoschwszystkie wersjeBosch Rexroth Indramotion Mlc Firmware
OSBoschwszystkie wersjeBosch Rexroth Indramotion Xlc
HWBoschwszystkie wersjeBosch Rexroth Indramotion Xlc Firmware
OSBoschwszystkie wersje
Related vulnerabilities
Login with hash: The login routine allows the client to log in to the system not by using the password, but by...
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker t...
An unauthenticated attacker is able to send a special HTTP request, that causes a service to crash. In case of...
The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a ...
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to...