Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Brightpick Mission Control / Internal Logic Control Unprotected Transport of Credentials
Vulnerability Description
Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when they connect to a specific URL. The unauthenticated URL can be discovered through basic network scanning techniques.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
凭证传输未经安全保护
Vulnerability Title
Brightpick Mission Control 安全漏洞
Vulnerability Description
Brightpick Mission Control是美国Brightpick公司的一套任务管理的中央控制平台。 Brightpick Mission Control存在安全漏洞,该漏洞源于通过WebSocket向未经验证的用户泄露设备遥测、配置和凭据信息。
CVSS Information
N/A
Vulnerability Type
N/A