Prosoft-Technology: Security Vulnerabilities
Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior).
CVSS Score
7.5
EPSS Score
0.002
Published
2021-02-26
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVSS Score
9.3
EPSS Score
0.005
Published
2013-09-09