Описание
The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. An attacker could then use this page to reset the password back to the default.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00115
Низкий
9.1 Critical
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 9.1
github
почти 3 года назад
The Akuvox E11 password recovery webpage can be accessed without authentication, and an attacker could download the device key file. An attacker could then use this page to reset the password back to the default.
EPSS
Процентиль: 31%
0.00115
Низкий
9.1 Critical
CVSS3