Plaintext Transmission of User Credentials in PHOENIX CONTACT FL SWITCH WebUI

Plaintext Transmission of User Credentials in PHOENIX CONTACT FL SWITCH WebUI

CVE-2018-13992 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.

Learn more about our Web App Pen Testing.