4 matches found
CVE-2023-37756
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack...
CVE-2023-37756
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack...
CVE-2023-37756
I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack...
CVE-2023-37756
CVE-2023-37756 affects i-doit Pro/Open versions 25 and below. The root cause is a weak administrator password policy that allows brute-force guessing, enabling unauthorized access. Some connected sources also describe a secondary path where a crafted plugin upload could enable remote code executi...