Vulnerabilities > CVE-2021-27514 - Improper Restriction of Excessive Authentication Attempts vulnerability in Eyesofnetwork 5.310

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
eyesofnetwork
CWE-307

Summary

EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).

Vulnerable Configurations

Part Description Count
Application
Eyesofnetwork
1