CVE-2023-25184

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-521
View all →

Vulnerability Description

Use of weak credentials exists in Seiko Solutions SkyBridge and SkySpider series, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, and SkySpider MB-R210 firmware Ver. 1.01.00 and earlier.

Related Vulnerabilities

CVE-2015-8033

MEDIUM
CVSS:5.3(Medium)

In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.

CWE-5212015

CVE-2024-32213

MEDIUM
CVSS:5.3(Medium)

The LoMag WareHouse Management application version 1.0.20.120 and older were found to allow weak passwords. By default, hard-coded passwords of 10 characters with little or no complexity are allowed.

CWE-5212024

CVE-2024-41683

MEDIUM
CVSS:5.3(Medium)

A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force ...

CWE-5212024

CVE-2024-41778

MEDIUM
CVSS:5.3(Medium)

IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

CWE-5212024

CVE-2024-47121

MEDIUM
CVSS:5.3(Medium)

The goTenna Pro App uses a weak password for sharing encryption keys via the key broadcast method. If the broadcasted encryption key is captured over RF, and password is cracked via brute force attack...

CWE-5212024

CVE-2022-3326

MEDIUM
CVSS:5.4(Medium)

Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.

CWE-5212022