PT-2023-5705 · Weintek · Weintek Weincloud

Hank Chen · Published 2023-07-18 · Updated 2023-07-26 · CVE-2023-32657

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Weintek Weincloud version 0.13.6

Description

The issue is related to insufficient restriction of authentication attempts, allowing a remote attacker to perform a brute force attack on credentials. The error message responses provide authentication hints, facilitating the development of such an attack.

Recommendations

For Weintek Weincloud version 0.13.6, consider temporarily restricting access to the authentication mechanism to minimize the risk of exploitation. As a workaround, limit the number of authentication attempts from a single IP address within a certain time frame until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
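A sketch of the per-IP attempt limit from the recommendations, combined with a single failure reply that gives no authentication hints. It is an added example, not Weintek code: the threshold, window, account store and all function names are assumptions, and the counter lives in memory for one process.

```python
import hashlib, hmac, time
from collections import defaultdict, deque

MAX_FAILURES = 5       # assumed threshold, not taken from the advisory
WINDOW_SECONDS = 300   # assumed time frame, not taken from the advisory
GENERIC_FAILURE = "Invalid username or password."

def _hash(password, salt):
    # Low iteration count keeps the demo fast; use a tuned value in production.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000)

# Constructed sample account store: username -> (salt, password hash).
USERS = {"operator": (b"demo-salt", _hash("correct horse", b"demo-salt"))}
_DUMMY = (b"dummy-salt", _hash("unused", b"dummy-salt"))

class LoginThrottle:
    """Sliding-window counter of failed logins per source IP."""
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.failures = defaultdict(deque)

    def _recent(self, ip):
        # Drop failure timestamps that have aged out of the window.
        q = self.failures[ip]
        cutoff = self.clock() - WINDOW_SECONDS
        while q and q[0] <= cutoff:
            q.popleft()
        return q

    def blocked(self, ip):
        return len(self._recent(ip)) >= MAX_FAILURES

    def record_failure(self, ip):
        self._recent(ip).append(self.clock())

def login(throttle, ip, username, password):
    """Return (HTTP status, message) for one login attempt."""
    if throttle.blocked(ip):
        return 429, "Too many attempts. Try again later."
    # Unknown users are hashed against a dummy record so the work done,
    # and the reply, are the same as for a wrong password.
    salt, expected = USERS.get(username, _DUMMY)
    match = hmac.compare_digest(_hash(password, salt), expected)
    if match and username in USERS:
        return 200, "OK"
    throttle.record_failure(ip)
    return 401, GENERIC_FAILURE
```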

Improper Restriction of Excessive Authentication Attempts


Weakness Enumeration

Related Identifiers

BDU:2023-06375
CVE-2023-32657

Affected Products

Weintek Weincloud