Vulnerability Details CVE-2021-45877
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-45877
-
cpe:2.3:h:garo:wallbox_glb:-
-
cpe:2.3:h:garo:wallbox_gtb:-
-
cpe:2.3:h:garo:wallbox_gtc:-
-
cpe:2.3:o:garo:wallbox_glb_firmware:-
-
cpe:2.3:o:garo:wallbox_gtb_firmware:-
-
cpe:2.3:o:garo:wallbox_gtc_firmware:-