Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Jinan USR IOT Technology Limited (PUSR) USR-W610 Cleartext Transmission of Sensitive Information
Vulnerability Description
The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authentication. Traffic is encoded but not encrypted, exposing user credentials to passive interception by attackers on the same network.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
Jinan USR IOT USR-W610 安全漏洞
Vulnerability Description
Jinan USR IOT USR-W610是中国有人物联网(Jinan USR IOT)公司的一款串口转以太网转换器。 Jinan USR IOT USR-W610存在安全漏洞,该漏洞源于设备嵌入式Web接口不支持HTTPS/TLS身份验证并使用HTTP基本身份验证,可能导致用户凭据被同一网络上的攻击者被动拦截。
CVSS Information
N/A
Vulnerability Type
N/A