You must log in or register to comment.
In 2011 I was aghast when I learned a popular keycard / biometric system used FTP to pull down its cleartext list of acceptable keys from the server.
The username was something like ADMIN and the password was PASS.
And no, that wasn’t the FTP command; that was the password.
So I’m not surprised that there are still problems with these devices.
edit: more complete thought
To be fair to manufacturers for once here, this kind of this is usually due to users not properly securing these systems. The industry is still way behind on proper infosec but they’ve come a long way the last 10 years or so.