Rexroth Indramotion Mlc L20, L40
3 CVEs affecting Rexroth Indramotion Mlc L20, L40. Latest disclosed: 2021-10-04. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-23857 | Critical | 10.0 | 2021-10-04 | Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password. Combined with CV… |
CVE-2021-23856 | Critical | 10.0 | 2021-10-04 | The web server is vulnerable to reflected XSS and therefore an attacker might be able to execute scripts on a client’s computer by sending the client a manipul… |
CVE-2021-23858 | High | 8.6 | 2021-10-04 | Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accesse… |