CVE-2020-23162

Published January 26th, 2021

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials.

Outpost24/Pyrescom-Termod-PoC

Pyrescom Termod proof-of-concept code for CVE-2020-23160, CVE-2020-23161 and CVE-2020-23162

GitHub