Vulnerabilities > Bosch > FSM 2500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-01-26 CVE-2020-6780 Use of Password Hash With Insufficient Computational Effort vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
network
low complexity
bosch CWE-916
4.0
2021-01-26 CVE-2020-6779 Use of Hard-coded Credentials vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database with admin-privileges.
network
low complexity
bosch CWE-798
critical
10.0