High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-01	CVE-2018-6011	Improper Authentication vulnerability in Rainmachine Mini-8 Firmware The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. network high complexity rainmachine CWE-287	8.1