3 matches found
CVE-2024-36081
Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...
CVE-2024-36081
Westermo EDW-100 serial-to-Ethernet converter is affected by CVE-2024-36081. An unauthenticated GET request can download the device configuration, exposing cleartext usernames and passwords. Impact is rated CVSS v3.1 9.8 (CRITICAL) with network access, no user interaction. Affected firmware up to...
CVE-2024-36081
Westermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...