4 matches found
EUVD-2022-35586
Malicious code in bioql PyPI...
CVE-2022-32515
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over the admin account when the product does not implement a rate limit mechanism on the admin authentication form. Affected Products: Conext™ ComBox All Versions...
CVE-2022-32515
Conext ComBox is affected by CWE-307 due to insufficient restriction of excessive authentication attempts on the admin login form. The vulnerability exists in all versions and could enable brute-force takeover of the admin account when rate limiting is not implemented. The connected sources confi...
Login bruteforce
Description According to the fix of the previous report, the login page has a rate limit mechanism to block the user’s IP when many attempts are made. The endpoint, for example, /v2/console/status only returns the content when who made the request has the correct rights. However, this request is...