2 matches found
CVE-2021-41300
ECOA BAS controller’s special page displays user account and passwords in plain text, thus unauthenticated attackers can access the page and obtain privilege with full functionality...
CVE-2021-41300
CVE-2021-41300 concerns an information disclosure vulnerability in ECOA BAS controller. Multiple sources describe that the affected ECOA devices expose user credentials on a special web page, allowing unauthenticated remote access with full functionality. The Zero Science Lab report expands this ...