Описание
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:oklok_project:oklok:3.1.1:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 77%
0.01043
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-307
Связанные уязвимости
github
больше 3 лет назад
The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack.
EPSS
Процентиль: 77%
0.01043
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-307