Source |
CVE Liste |
Identifiant |
3531807 |
Date de publication |
2021-10-19 13:15:11 (vue: 2021-10-19 15:05:38) |
Titre |
CVE-2021-38474 |
Texte |
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout policy configured for the login page of the product. This may allow an attacker to execute a brute-force password attack with no time limitation and without harming the normal operation of the user. This could allow an attacker to gain valid credentials for the product interface. |
Envoyé |
Oui |
Condensat |
2021 38474 account allow attack attacker brute configured could credentials cve execute force gain harming has have inhand interface ir615 limitation lockout login may networks normal operation page password policy product r4724 r4870 router time user valid versions without |
Tags |
|
Stories |
|
Notes |
|
Move |
|