3 matches found
CVE-2023-33754
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing attackers to brute force valid user accounts to gain access to login credentials...
CVE-2023-33754
The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing attackers to brute force valid user accounts to gain access to login credentials...
CVE-2023-33754
The CVE concerns Inpiazza Cloud WiFi, where the captive portal in versions prior to v4.2.17 fails to enforce limits on password-recovery attempts, enabling brute-force attempts to guess valid user credentials. Affected: Inpiazza Cloud WiFi prior to 4.2.17. Root cause: missing throttling/locking o...