Unrated severityNVD Advisory· Published Oct 4, 2021· Updated Aug 3, 2024

Information disclosure

CVE-2021-23858

Description

Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication. Additionally, device details are exposed which include the serial number and the firmware version by another unprotected web server resource.

Affected products

Rextheme/Indramotion Mlc L20, L40v5
Range: 12 VRS

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

psirt.bosch.com/security-advisories/bosch-sa-741752.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000