CVE-2012-1806

Koyo H0-ecom - Authentication Bypass

Title source: rule

Description

The ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 supports a maximum password length of 8 bytes, which makes it easier for remote attackers to obtain access via a brute-force attack.

References (2)

[US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-02.pdf

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/74876

Scores

EPSS 0.0041

EPSS Percentile 60.7%

Classification

CWE

CWE-287

Status draft

Affected Products (8)

koyo/h0-ecom

koyo/h0-ecom100

koyo/h2-ecom

koyo/h2-ecom-f

koyo/h2-ecom100

koyo/h4-ecom

koyo/h4-ecom-f

koyo/h4-ecom100

Timeline

Published Apr 13, 2012

Tracked Since Feb 18, 2026