CVE-2019-15653

Published: Mar 19, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real value, i.e., md5(md5(value)).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.comba-telecom.com/en/news

x_refsource_MISC

https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26164

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-15653

Description

Affected Products

References