CVE-2021-41296

ECOA BAS controller uses weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full control of the system.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:ecoa:ecs_router_controller-ecs:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:ecoa:riskbuster_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:ecoa:riskbuster:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:ecoa:riskterminator:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:25

Type Values Removed Values Added
References () https://www.twcert.org.tw/tw/cp-132-5132-65705-1.html - Third Party Advisory () https://www.twcert.org.tw/tw/cp-132-5132-65705-1.html - Third Party Advisory

Information

Published : 2021-09-30 11:15

Updated : 2024-11-21 06:25


NVD link : CVE-2021-41296

Mitre link : CVE-2021-41296

CVE.ORG link : CVE-2021-41296


JSON object : View

Products Affected

ecoa

  • ecs_router_controller-ecs_firmware
  • riskbuster_firmware
  • riskbuster
  • riskterminator
  • ecs_router_controller-ecs
CWE
CWE-521

Weak Password Requirements