CVE-2023-38422

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...

CVE-2023-38422

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...

Authentication flaw

Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device...

Authentication flaw

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data...

CVE-2023-32202

Walchem Intuition 9 firmware versions prior to v4.21 are affected by improper authentication (CVE-2023-32202). The issue, confirmed by multiple sources, is that login credentials are stored in a format that could allow an attacker to login and access the device. Affected product: Intuition 9 cont...

PT-2023-23660 · Walchem · Walchem Intuition 9

Name of the Vulnerable Software and Affected Versions: Walchem Intuition 9 firmware versions prior to v4.21 Description: The issue concerns improper authentication in the Walchem Intuition 9 firmware. Login credentials are stored in a format that could allow an attacker to use them as-is to login...

Walchem Intuition 9

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Walchem Equipment: Intuition 9 Vulnerabilities: Missing Authentication for Critical Function, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...