Changing the password on the module webpage does not require the user to type in the current password first. Thus, the password could be changed by a user or external process without knowledge of the current password on the ICX35-HWC-A and ICX35-HWC-E (Versions 1.9.62 and prior).
[
{
"product": "ICX35-HWC-A, ICX35-HWC-E",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Versions 1.9.62 and prior"
}
]
}
]