The captive portal in Inpiazza Cloud WiFi versions prior to v4.2.17 does not enforce limits on the number of attempts for password recovery, allowing attackers to brute force valid user accounts to gain access to login credentials.
References
Link | Resource |
---|---|
https://github.com/Alkatraz97/CVEs/blob/main/CVE-2023-33754.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-01T00:00:00
Updated: 2023-06-01T00:00:00
Reserved: 2023-05-22T00:00:00
Link: CVE-2023-33754
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-01T20:15:09.467
Modified: 2023-06-09T14:21:58.830
Link: CVE-2023-33754
JSON object: View
Redhat Information
No data.
CWE