Cleartext Password Vulnerability in eyeDisk's Unlock Feature

Cleartext Password Vulnerability in eyeDisk's Unlock Feature

CVE-2019-11885 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

eyeDisk implements the unlock feature by sending a cleartext password. The password can be discovered by sniffing USB traffic or by sending a 06 05 52 41 01 b0 00 00 00 00 00 00 SCSI command.

Learn more about our Web Application Penetration Testing UK.