Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes.
CVSS Information
N/A
Vulnerability Type
未经验证的口令修改
Vulnerability Title
ProMinent MultiFLEX M10a Controller Web界面安全漏洞
Vulnerability Description
ProMinent MultiFLEX M10a Controller是意大利ProMinent公司的一款水处理控制器产品。Web interface是其中的一个Web管理界面。 ProMinent MultiFLEX M10a Controller中的Web界面存在安全漏洞,该漏洞源于在设置新的用户密码时,程序没有要求用户提供原始的密码。攻击者可利用该漏洞更改用户密码,从而更改访问权限和配置。
CVSS Information
N/A
Vulnerability Type
N/A