Subscribe via feed.

Carel pCOWeb HVAC Insecure Credential Storage

Posted by deepcore on November 2, 2019 – 12:21 pm

The Carel pCOWeb card stores password hashes in the file /etc/passwd, allowing privilege escalation by authenticated users. Additionally, plaintext copies of the passwords are stored. Version A 1.4.11 – B 1.4.2 is affected.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.