Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have weak entropy for authentication cookies, allowing an attacker with a stolen session cookie to find the user password by brute-forcing an encryption parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HMS Cosy+和HMS Ewon Flexy 安全漏洞
Vulnerability Description
HMS Cosy+和HMS Ewon Flexy都是瑞典HMS公司的产品。HMS Cosy+是一个用于工业远程访问的应用程序。HMS Ewon Flexy是一款远程接入网关设备。 HMS Cosy+和HMS Ewon Flexy存在安全漏洞,该漏洞源于身份验证Cookie的熵值较弱,可能导致通过暴力破解获取用户密码。以下产品及版本受到影响:Ewon Flexy 15.0s4之前版本和Cosy+ 22.1s6之前的22.xx版本、23.0s3之前的23.xx版本。
CVSS Information
N/A
Vulnerability Type
N/A