← Back

Eos

eos

Vendor: Econolite • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-0452
1Econolite
1Eos
Nov 21, 2024
Jan 26, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, incl...Show more
Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians. Show less
CVE-2023-0451
1Econolite
1Eos
Nov 21, 2024
Jan 26, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for...Show more
Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and technicians. Show less