Vulnerabilities > CVE-2023-27746 - Improper Restriction of Excessive Authentication Attempts vulnerability in Blackvue Dr750-2Ch IR LTE Firmware and Dr750-2Ch LTE Firmware

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
blackvue
CWE-307
critical

Summary

BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted.