Описание
The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.0.4 (включая)Версия до 4.0.4 (включая)Версия до 4.0.4 (включая)Версия до 4.0.4 (включая)
Одно из
cpe:2.3:a:schneider-electric:proface_gp-pro_ex_ex-ed:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:proface_gp-pro_ex_pfxexedls:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:proface_gp-pro_ex_pfxexedv:*:*:*:*:*:*:*:*
cpe:2.3:a:schneider-electric:proface_gp-pro_ex_pfxexgrpls:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00405
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-255
Связанные уязвимости
CVSS3: 9.1
github
больше 3 лет назад
The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 has hardcoded credentials, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials.
EPSS
Процентиль: 60%
0.00405
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-255