Primary

Context

Browan Communications PrismX MX100 AP Controller Insufficiently Protected Credentials Vulnerability

Vulnerability

A vulnerability allowing authenticated remote attackers to access SMTP plaintext passwords through the web interface has been identified in the Browan Communications PrismX MX100 AP controller, versions prior to 1.03.23.01. This issue arises from insufficient protection of credentials, enabling privileged remote attackers to exploit the vulnerability.

Impact

Exploitation of this vulnerability allows for the unauthorized retrieval of SMTP plaintext passwords, potentially leading to unauthorized email access or manipulation.

Remediation

Users are advised to update the firmware to version 1.03.23.01 or later.

Added: Jan 20, 2026, 7:19 AM

Updated: Jan 20, 2026, 7:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.0

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.0

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Browan Communications PrismX MX100 AP Controller Insufficiently Protected Credentials Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating