Описание
The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system.
EPSS
Процентиль: 33%
0.00125
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-321
Связанные уязвимости
CVSS3: 9.8
github
5 месяцев назад
The secret used for validating authentication tokens is hardcoded in device firmware for affected versions. An attacker who obtains the signing key can bypass authentication, gaining complete access to the system.
EPSS
Процентиль: 33%
0.00125
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-321