Cleartext Transmission of Admin Credentials in MicroSeven MYM71080i-B Devices

Cleartext Transmission of Admin Credentials in MicroSeven MYM71080i-B Devices

CVE-2021-29255 · HIGH Severity

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials.

Learn more about our Network Penetration Testing.