exploitDog

CVE-2024-36440

Опубликовано: 22 авг. 2024

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used.

Ссылки

EPSS

Процентиль: 16%

0.0005

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-327

Связанные уязвимости

GHSA-7r79-ppgg-4h8m

CVSS3: 6.8

github

больше 1 года назад

An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used.

EPSS

Процентиль: 16%

0.0005

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-327