Back to search
CVE-2018-12073
Published: Jun 17, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
An issue was discovered on Eminent EM4544 9.10 devices. The device does not require the user's current password to set a new one within the web interface. Therefore, it is possible to exploit this issue (e.g., in combination with a successful XSS, or at an unattended workstation) to change the admin password to an attacker-chosen value without knowing the current password.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://gist.github.com/freetom/2a446a226d0e98807c8b0c1111ef2def
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now