All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function.CreditsJoel Gámez Molina (@JoelGMSec)Referenceshttps://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups
