CVE-2021-41296

Critical

ECOA BAS controller uses weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full…

twcert·CWE-521·Published 2021-09-30

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

162 chars

ECOA BAS controller uses weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full control of the system.

NVDen

162 chars

ECOA BAS controller uses weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full control of the system.

El controlador ECOA BAS usa un conjunto débil de credenciales administrativas predeterminadas que pueden ser fácilmente adivinadas en ataques de contraseñas remotas y conseguir el control total del sistema

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H