CVE-2015-3972

Name of the Vulnerable Software and Affected Versions Janitza UMG versions 508, 509, 511, 604, 605

Description The issue is related to the web interface of the affected devices, which only supports short PIN values for authentication. This makes it easier for remote attackers to gain access to the device via a brute-force attack.

Recommendations For Janitza UMG versions 508, 509, 511, 604, 605, consider implementing longer PIN values or alternative authentication methods to mitigate the risk of brute-force attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.