E3 Site Supervisor (firmware version < 2.31F01) has a default admin user "ONEDAY" with a daily generated password. An attacker can

E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned. An attacker can forge malicious fi

E3 Site Supervisor Control (firmware version < 2.31F01) generates the root linux password on each boot. An attacker can generate t

E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH an

E3 Site Supervisor Control (firmware version < 2.31F01) MGW contains an API call that lacks input validation. An attacker can use

E3 Site Supervisor Control (firmware version < 2.31F01) has a floor plan feature that allows for an unauthenticated attacker to up

E3 Site Supervisor Control (firmware version < 2.31F01) RCI service contains an API call to read users info, which returns all use

E3 Site Supervisor Control (firmware version < 2.31F01) has a floor plan feature that allows for an unauthenticated attacker to up

E3 Site Supervisor Control (firmware version < 2.31F01) application services (MGW and RCI) uses client side hashing for authentica