CVE-2021-28911

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data e.g. device serial number. Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part...

CVE-2021-28913

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...

EUVD-2021-15566

Malware in sbrugna...

EUVD-2021-15564

Malware in sbrugna...

EUVD-2020-17292

Malware in sbrugna...

CVE-2021-28913

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...

CVE-2021-28910

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains basic SSRF vulnerability. It allow unauthenticated attackers to request to any internal and external server...

CVE-2021-28911

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data e.g. device serial number. Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part...

BAB TECHNOLOGIE GmbH eibPort 安全漏洞

Bab Technologie Gmbh BAB TECHNOLOGIE GmbH eibPort is an application from BAB TECHNOLOGIE GmbH Bab Technologie Gmbh, Germany, for managing smart furniture devices. A security vulnerability exists in BAB TECHNOLOGIE GmbH eibPort V3, which stems from a weak password in versions prior to 3.91. An...