Описание
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts.
Ссылки
- ExploitVDB Entry
- Third Party Advisory
- ExploitVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.58 (исключая)
Одновременно
cpe:2.3:o:wyrestorm:apollo_vx20_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:wyrestorm:apollo_vx20:-:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.0307
Низкий
7.5 High
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 7.5
github
почти 2 года назад
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts.
EPSS
Процентиль: 86%
0.0307
Низкий
7.5 High
CVSS3
Дефекты
CWE-200