An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user is hashed using an old and deprecated hashing technique. Because of this deprecated hashing, the success probability of an attacker in an offline cracking attack is greatly increased.
4402161040c1e257f4fb22e2ce24e8e5c24e4316ce14cf14d3fa43ec14ca967d[Suggested description]
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14.
The password for the root user is hashed using an old and
deprecated hashing technique. Because of this deprecated hashing,
the success probability of an attacker in an offline cracking attack
is greatly increased.
------------------------------------------
[Vulnerability Type]
Incorrect Access Control
------------------------------------------
[Vendor of Product]
Svakom
------------------------------------------
[Affected Product Code Base]
Siime Eye - 14.1.00000001.3.330.0.0.3.14
------------------------------------------
[Affected Component]
Siime Eye linux password hashes
------------------------------------------
[Attack Type]
Context-dependent
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[Attack Vectors]
The hash can be obtained using various techniques (e.g.) through command injection.
------------------------------------------
[Reference]
N/A
------------------------------------------
[Discoverer]
Willem Westerhof, Jasper Nota, Edwin Gozeling from Qbit in assignment of the Consumentenbond.
Use CVE-2020-11916.
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed