Описание
The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this interface to manipulate robot control functions, including initiating or halting runners, assigning jobs, clearing stations, and deploying storage totes.
EPSS
Процентиль: 14%
0.00045
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 6.5
github
3 месяца назад
The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this interface to manipulate robot control functions, including initiating or halting runners, assigning jobs, clearing stations, and deploying storage totes.
EPSS
Процентиль: 14%
0.00045
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-306