Vulnerabilities > Bosch > Rexroth Indramotion MLC L85 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-23857 Improper Authentication vulnerability in Bosch products
Login with hash: The login routine allows the client to log in to the system not by using the password, but by using the hash of the password.
network
low complexity
bosch CWE-287
critical
10.0
2021-10-04 CVE-2021-23858 Missing Authentication for Critical Function vulnerability in Bosch products
Information disclosure: The main configuration, including users and their hashed passwords, is exposed by an unprotected web server resource and can be accessed without authentication.
network
low complexity
bosch CWE-306
7.8