Back to search
CVE-2021-28909
Published: Sep 9, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access uncontrolled the login service at /webif/SecurityModule in a brute force attack. The password could be weak and default username is known as 'admin'. This is usable and part of an attack chain to gain SSH root access.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://psytester.github.io/CVE-2021-28909
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now