Weak Hard-coded Credentials

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials can be used to log into the device via the login shell that is exposed by the serial interface. The backdoor user has been removed in firmware BSP >= 6.4.1.

N/A

使用硬编码的凭证

Wattsense Bridge 安全漏洞

Wattsense Bridge是Wattsense公司的一款直观且功能强大的物联网网关。 Wattsense Bridge存在安全漏洞，该漏洞源于用户密码可以通过密码破解尝试轻松恢复。

N/A

N/A