1 results (0.001 seconds)

CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 1

An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. Una divulgación de información en Milesight UR5X, UR32L, UR32, UR35, UR41 anterior a v35.3.0.7 permite a los atacantes acceder a componentes confidenciales del router. Milesight IoT router versions UR5X, UR32L, UR32, UR35, and UR41 suffer from a credential leaking vulnerability due to unprotected system logs and weak password encryption. • https://github.com/win3zz/CVE-2023-43261 http://milesight.com http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html http://ur5x.com https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf https://support.milesight-iot.com/support/home • CWE-532: Insertion of Sensitive Information into Log File •