2 matches found
CVE-2016-10321
web2py before 2.14.6 does not properly check if a host is denied before verifying passwords, allowing a remote attacker to perform brute-force attacks...
CVE-2014-9408
The CVE-2014-9408 entry concerns Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, RTLS Controller 6.0.5-FINAL, and Activator 3, where parts of the MAC address are used in the RC4 setup key. This design allows brute-force guessing of the key by remote attackers, per the provided records. The co...