CVE-2021-36165

Name of the Vulnerable Software and Affected Versions RICON Industrial Cellular Router S9922L version 16.10.3(3794)

Description The issue concerns the cleartext storage of sensitive information. Specifically, it involves sending the username and password as base64. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited.

Recommendations For RICON Industrial Cellular Router S9922L version 16.10.3(3794), consider restricting access to sensitive information and avoid using cleartext storage for username and password. As a temporary workaround, consider disabling the feature that sends username and password as base64 until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.