Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
CPE | Name | Operator | Version |
---|---|---|---|
fsm-2500_firmware | le | 5.2 | |
fsm-5000_firmware | le | 5.2 |