Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hills ComNav Inadequate Encryption Strength
Vulnerability Description
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if they can observe the traffic. This would be possible even if the traffic were encrypted, e.g., using WPA2, as the packet sizes would remain observable. The communication encryption scheme is theoretically sound, but is not strong enough for the level of protection required.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
不充分的加密强度
Vulnerability Title
Interlogix Hills ComNav 加密问题漏洞
Vulnerability Description
Interlogix Hills ComNav是澳大利亚Interlogix公司的一个 Hills Reliance 安全警报系统的远程访问集成模块。 Interlogix Hills ComNav存在加密问题漏洞,攻击者可以查看跨本地网络的配置页面流量。
CVSS Information
N/A
Vulnerability Type
N/A