Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can restore the passwords by breaking the hashes stored on the device.
Credits
Felix Eberstaller and Nino Fürthauer of Limes Security reported these vulnerabilities to CISA.
