robertguetzkow/ets5-password-recovery

robertguetzkow/ets5-password-recovery

Releases1

Frequency

Last Release almost 5 years ago

Stars33

ETS5 Password Recovery Tool is a PoC for CVE-2021-36799

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-43575 ↗	Nov 9, 2021Tuesday, 9 November 2021, 23:15	5.5 MEDIUM	2.1 LOW
KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to securely store cryptographic key material when it is not being exported
CVE-2021-36799 ↗	Jul 19, 2021Monday, 19 July 2021, 17:15	8.8 HIGH	2.1 LOW
KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer