Vulnerabilities > Weintek > Weincloud
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-19 | CVE-2023-32657 | Improper Restriction of Excessive Authentication Attempts vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. | 7.5 |
2023-07-19 | CVE-2023-34429 | Unspecified vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token. | 7.5 |
2023-07-19 | CVE-2023-35134 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. | 5.9 |
2023-07-19 | CVE-2023-37362 | Improper Authentication vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website. | 8.8 |