Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP. This vulnerability results in authentication bypass vulnerability, which allows the attacker to access MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP via FTP.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NMitsubishielectric Fx5 Enet\/ip
HWMitsubishielectricwszystkie wersjeMitsubishielectric Fx5 Enet\/ip Firmware
OSMitsubishielectricwszystkie wersjeMitsubishielectric Rj71eip91
HWMitsubishielectricwszystkie wersjeMitsubishielectric Rj71eip91 Firmware
OSMitsubishielectricwszystkie wersjeMitsubishielectric Sw1dnn Eipct Bd
HWMitsubishielectricwszystkie wersjeMitsubishielectric Sw1dnn Eipct Bd Firmware
OSMitsubishielectricwszystkie wersjeMitsubishielectric Sw1dnn Eipctfx5 Bd
HWMitsubishielectricwszystkie wersjeMitsubishielectric Sw1dnn Eipctfx5 Bd Firmware
OSMitsubishielectricwszystkie wersje
Related vulnerabilities
Multiple Mitsubishi Electric products are vulnerable to impersonations of a legitimate device by a malicious a...
Weak Password Requirements vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series...
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series, MELSEC iQ...
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series...
Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporati...