Cleartext Transmission of Sensitive Information
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-319: Cleartext Transmission of Sensitive Information |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The code creates or connects to a Telnet server, which transmits all data—including credentials—in clear text without encryption. This makes sensitive information vulnerable to interception by attackers.
Impact#
If exploited, attackers can easily capture usernames, passwords, and other confidential data sent over the network. This could lead to unauthorized access, data theft, or further compromise of your systems and users.