Published: 19/07/2021 Updated: 11/04/2024

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

KNX ETS5 up to and including 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Vulnerable Product	Search on Vulmon	Subscribe to Product
knx engineering tool software 5

ETS5 Password Recovery Tool is a PoC for CVE-2021-36799

ETS5 Password Recovery Tool Table of Contents Introduction Installation Requirements How does the password recovery work? How was the design flaw discovered? How can the risk be mitigated? Coordinated Vulnerability Disclosure License Change log Introduction Have you forgotten the password to one of your ETS5 projects and cannot access the configuration for the KNX installatio

CWE-798 https://www.knx.org/knx-en/for-professionals/software/ets-5-professional/https://github.com/robertguetzkow/ets5-password-recovery http://packetstormsecurity.com/files/165200/ETS5-Password-Recovery-Tool.html https://nvd.nist.gov https://github.com/robertguetzkow/ets5-password-recovery

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-36799

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect