CVE-2018-9161

Name of the Vulnerable Software and Affected Versions Prisma Industriale Checkweigher PrismaWEB version 1.21

Description The issue allows remote attackers to discover a hardcoded password by reading the user/scripts/login par.js file. This could potentially lead to unauthorized access.

Recommendations For Prisma Industriale Checkweigher PrismaWEB version 1.21, consider changing the hardcoded prisma password for the prismaweb account to a unique and secure password until a patch is available. As a temporary workaround, restrict access to the user/scripts/login par.js file to minimize the risk of exploitation.