Default Configuration Page Accessible Without Authentication in Fresenius Kabi Agilia SP MC WiFi vD25 and Prior

Default Configuration Page Accessible Without Authentication in Fresenius Kabi Agilia SP MC WiFi vD25 and Prior

CVE-2021-33843 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.

Learn more about our Network Penetration Testing.