BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. device serial number). Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part of an attack chain to gain SSH root access.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-09-09T17:45:39

Updated: 2024-08-03T21:55:12.290Z

Reserved: 2021-03-19T00:00:00

Link: CVE-2021-28911

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-09T18:15:08.873

Modified: 2024-11-21T06:00:23.313

Link: CVE-2021-28911

cve-icon Redhat

No data.