CVE-2023-41926 Information

Description

The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80 it enables potential eavesdropping on user traffic making it possible to intercept their credentials.

Reference

https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273