In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive data.
7.5CVSS
7.5AI Score
0.001EPSS
The affected devices use publicly available default credentials with administrative privileges.
9.8CVSS
9.4AI Score
0.001EPSS
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials.
7.2CVSS
6.9AI Score
0.001EPSS
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic.
9.1CVSS
8.9AI Score
0.001EPSS