|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-04-23 | |
| Rule Name: | Positron Broadcast Signal Processor TRA7005 v1.20 Authentication Bypass Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The TRA7000 series is a set of products specifically designed for broadcasting, suitable for individual broadcasting companies or radio networks. There is an authentication bypass vulnerability in TRA7005, which allows attackers to bypass digest authentication values or completely delete a user's password by manipulating the password endpoint, Passwd.xml, and its payload data to set the user's password to any value. | |
| Impact: | An unauthorized remote attacker can bypass authentication and gain access to the application with specially crafted requests. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |