Vulnerabilities > Novelan

DATE CVE VULNERABILITY TITLE RISK
2024-01-30 CVE-2024-22894 Inadequate Encryption Strength vulnerability in multiple products
An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file.
low complexity
alpha-innotec novelan CWE-326
6.8