Weintek Weincloud Improper Restriction of Excessive Authentication Attempts Vulnerability
2023-07-18
| CVE ID | CVE-2023-32657 |
|---|---|
| Severity | Medium |
| Affected Vendors | Weintek |
| Affected Products | Weincloud Account API: Versions 0.13.6 and prior |
| Vulnerability Details | The affected product could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses. |
| Solutions & Rules | · Fixed in version v0.13.8 |
| Credit | Hank Chen of TXOne Networks |