The vulnerability allows an attacker to access sensitive credentials due to unprotected system logs and weak password encryption. By decrypting the passwords stored in the system logs, an attacker can obtain user credentials. This vulnerability has been assigned the CVE identifier CVE-2023-43261.
The vulnerability allows an attacker to access sensitive credentials due to unprotected system logs and weak password encryption implemented in Milesight IoT industrial routers. By exploiting this flaw, an adversary could decrypt and extract passwords leading to unauthorized access. This vulnerability has been assigned CVE-2023-43261.