Sylon

**Name of the Vulnerable Software and Affected Versions** NVS365 V01 **Description** The issue concerns Incorrect Access Control. When an incorrect password is entered, the URL is sent to the server twice. In the second request, the server returns the correct password information. **Recommendations** For NVS365 V01, consider restricting access to password-related functionality until a fix is available. As a temporary workaround, avoid using the password entry feature in a way that could trigger the double request issue.