Exemys: Security Vulnerabilities
By using a specific credential string, an attacker with network access to the device’s web interface could circumvent the authentication scheme and perform administrative operations.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-06-30
Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body.
CVSS Score
7.8
EPSS Score
0.003
Published
2015-11-19