CVE-2023-39452

Name of the Vulnerable Software and Affected Versions MODULYS GP (MOD3GP-SY-120K) (affected versions not specified)

Description The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application. This issue is related to the storage of passwords in plaintext. An attacker can exploit this to gain unauthorized access to protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.