The Tegile IntelliFlash OS was affected by a password disclosure vulnerability. The web interface stored passwords in cleartext. By inspecting the source code of the web interface, an attacker could retrieve passwords.
News & Events
News in category "Advisories"
Critical vulnerabilities were identified in the Greyhound APIs primarily due to insufficient authentication controls. Exploitation of these can result in the exposure of personally identifiable information (PII) for the customers who had joined the Road Rewards program. Additionally, an attacker can also remotely exploit an internet-exposed web service that hosts account information for Greyhound customers as well as other sensitive information. An attacker could use this vulnerability to gain access unrestricted access and completely take over user accounts belonging to affected members.