CVE-2020-11926 Information

Description

An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Clients can authenticate themselves to the device using a username and password. These credentials can be obtained through an unauthenticated web request e.g. for a JavaScript file. Also the disclosed information includes the SSID and WPA2 key for the Wi-Fi network the device is connected to.

Reference

https://seclists.org/fulldisclosure/2024/Jul/14