Описание
Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that allows remote attackers to download configuration backup files containing sensitive credentials. Attackers can retrieve the lk3_settings.bin file and extract base64-encoded user and admin passwords without authentication.
EPSS
Процентиль: 73%
0.00766
Низкий
Дефекты
CWE-260
Связанные уязвимости
github
около 2 месяцев назад
Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that allows remote attackers to download configuration backup files containing sensitive credentials. Attackers can retrieve the lk3_settings.bin file and extract base64-encoded user and admin passwords without authentication.
EPSS
Процентиль: 73%
0.00766
Низкий
Дефекты
CWE-260