CVE-2023-33754
The CVE concerns Inpiazza Cloud WiFi, where the captive portal in versions prior to v4.2.17 fails to enforce limits on password-recovery attempts, enabling brute-force attempts to guess valid user credentials. Affected: Inpiazza Cloud WiFi prior to 4.2.17. Root cause: missing throttling/locking o...