漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Green Electronics RainMachine Mini-8 授权问题漏洞
Vulnerability Description
Green Electronics RainMachine Mini-8是美国Green Electronics公司的一款智能灌溉喷水器。 Green Electronics RainMachine Mini-8(第2代)中的应用程序逻辑存在安全漏洞,该漏洞源于函数使用管理员的密码哈希生成6位数的临时密码。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
CVSS Information
N/A
Vulnerability Type
N/A