Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Jumo: Insufficient entropy in PRNG may lead to root access
Vulnerability Description
A vulnerability was identified in the password generation algorithm when accessing the debug-interface. An unauthenticated local attacker with knowledge of the password generation timeframe might be able to brute force the password in a timely manner and thus gain root access to the device if the debug interface is still enabled.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
Jumo variTRON300 安全特征问题漏洞
Vulnerability Description
Jumo variTRON300是中国久茂自动化(Jumo)公司的一个自动化系统。 Jumo variTRON300存在安全特征问题漏洞,该漏洞源于密码生成算法存在缺陷,可能导致未经验证的本地攻击者通过暴力破解获取密码,从而获得设备root权限。
CVSS Information
N/A
Vulnerability Type
N/A