Error Message Discrepancies in Blaauw Remote Kiln Control v3.00r4: Username Enumeration Vulnerability

Error Message Discrepancies in Blaauw Remote Kiln Control v3.00r4: Username Enumeration Vulnerability

CVE-2019-18865 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames.

Learn more about our User Device Pen Test.