Vulnerability: ECOA BAS Controller Exposes User Account and Passwords in Plain Text
CVE-2021-41300 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ECOA BAS controller’s special page displays user account and passwords in plain text, thus unauthenticated attackers can access the page and obtain privilege with full functionality.
Learn more about our User Device Pen Test.