Main Vulnerability Database Vulnerabilities #VU57163

#VU57163 Weak password requirements in IR615 Router - CVE-2021-38462

Published: October 8, 2021

Vulnerability identifier: #VU57163

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2021-38462

CWE-ID: CWE-521

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
IR615 Router

Software vendor:
InHand Networks

Description

The vulnerability allows a remote attacker to perform brute-force attack and guess the password.

The vulnerability exists due to weak password requirements. A remote attacker can enumerate passwords and impersonate other application users and perform operations on their behalf.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://ics-cert.us-cert.gov/advisories/icsa-21-280-05

#VU57163 Weak password requirements in IR615 Router - CVE-2021-38462

Description

Remediation

External links

Please verify you're human