WEMS BEMS 21.3.1 Undocumented Backdoor Account WEMS BEMS version 21.3.1 has an undocumented backdoor account that is Base64 encoded. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the controller thru the RMI. Leave a ReplyYou must be logged in to post a comment. Filed under: exploit - @ December 31, 2019 10:18 pm