In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash can be cracked to access the administration panel of the device.
View Full Alert
Related Posts
CVE-2019-12305In EZCast Pro II, the administrator password md5 hash is provided upon a web request. This hash can be cracked to access the administration panel of the device. View Full…
CVE-2019-10120 (ccu2_firmware, ccu3_firmware)On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16, automatic login configuration (aka setAutoLogin) can be achieved by continuing to use a session ID after a logout,…
CVE-2019-10121 (ccu2_firmware, ccu3_firmware)eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via the user…
