Common Weakness Enumeration

CWE-259

Allowed

Use of Hard-coded Password

Abstraction: Variant · Status: Draft

The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

315 vulnerabilities reference this CWE, most recent first.

CVE-2024-11630 (GCVE-0-2024-11630)

Vulnerability from cvelistv5 – Published: 2024-11-22 22:00 – Updated: 2024-11-25 21:23
VLAI
Title
E-Lins H685/H685f/H700/H720/H750/H820/H820Q/H820Q0/H900 OEM Backend hard-coded credentials
Summary
A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and H900 up to 3.2 and classified as critical. This vulnerability affects unknown code of the component OEM Backend. The manipulation leads to hard-coded credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-798 - Hard-coded Credentials
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
E-Lins H685 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H685f Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H700 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H720 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H750 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H820 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H820Q Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H820Q0 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
E-Lins H900 Affected: 3.0
Affected: 3.1
Affected: 3.2
Create a notification for this product.
e-lins h685 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h685:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h685f Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h685f:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h700 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h700:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h720 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h720:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h750 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h750:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h820 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h820:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h820q Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h820q:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h820q0 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h820q0:*:*:*:*:*:*:*:*
Create a notification for this product.
e-lins h900 Affected: 3.0
Affected: 3.1
Affected: 3.2
    cpe:2.3:a:e-lins:h900:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
liutong (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h685:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h685",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h685f:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h685f",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h700:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h700",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h720:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h720",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h750:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h750",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h820:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h820",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h820q:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h820q",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h820q0:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h820q0",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:e-lins:h900:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "h900",
            "vendor": "e-lins",
            "versions": [
              {
                "status": "affected",
                "version": "3.0"
              },
              {
                "status": "affected",
                "version": "3.1"
              },
              {
                "status": "affected",
                "version": "3.2"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11630",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T21:06:04.277733Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-25T21:23:06.245Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H685",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H685f",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H700",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H720",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H750",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H820",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H820Q",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H820Q0",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        },
        {
          "modules": [
            "OEM Backend"
          ],
          "product": "H900",
          "vendor": "E-Lins",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.1"
            },
            {
              "status": "affected",
              "version": "3.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "liutong (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and H900 up to 3.2 and classified as critical. This vulnerability affects unknown code of the component OEM Backend. The manipulation leads to hard-coded credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "In E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and H900 bis 3.2 wurde eine kritische Schwachstelle gefunden. Das betrifft eine unbekannte Funktionalit\u00e4t der Komponente OEM Backend. Durch Manipulation mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Als bestm\u00f6gliche Massnahme werden Anpassungen an der Konfiguration empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T22:00:07.324Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-285916 | E-Lins H685/H685f/H700/H720/H750/H820/H820Q/H820Q0/H900 OEM Backend hard-coded credentials",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.285916"
        },
        {
          "name": "VDB-285916 | CTI Indicators (IOB, IOC, TTP)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.285916"
        },
        {
          "name": "Submit #444738 | E-Lins Technology E-Lins H685 Routers \u003c=v3.2.337 Hard-coded Credentials",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.444738"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/I3eg1nner/iot-vuln/blob/main/E-lins/Hard-Coded%20Credential%20Vulnerability%20in%20E-Lins%20Routers.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-22T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-11-22T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-11-22T18:05:24.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "E-Lins H685/H685f/H700/H720/H750/H820/H820Q/H820Q0/H900 OEM Backend hard-coded credentials"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-11630",
    "datePublished": "2024-11-22T22:00:07.324Z",
    "dateReserved": "2024-11-22T17:00:20.839Z",
    "dateUpdated": "2024-11-25T21:23:06.245Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11026 (GCVE-0-2024-11026)

Vulnerability from cvelistv5 – Published: 2024-11-08 21:31 – Updated: 2024-11-12 15:34
VLAI
Title
Intelligent Apps Freenow App Keystore SSL.java hard-coded password
Summary
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
  • CWE-255 - Credentials Management
Assigner
References
URL Tags
https://vuldb.com/?id.283544 vdb-entrytechnical-description
https://vuldb.com/?ctiid.283544 signaturepermissions-required
https://vuldb.com/?submit.434538 third-party-advisory
https://github.com/secuserx/CVE/blob/main/%5BHard… exploit
Impacted products
Credits
secuserx (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11026",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T15:34:15.098590Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T15:34:24.548Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Keystore Handler"
          ],
          "product": "Freenow App",
          "vendor": "Intelligent Apps",
          "versions": [
            {
              "status": "affected",
              "version": "12.10.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "secuserx (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Eine problematische Schwachstelle wurde in Intelligent Apps Freenow App 12.10.0 f\u00fcr Android ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei ch/qos/logback/core/net/ssl/SSL.java der Komponente Keystore Handler. Durch Manipulieren des Arguments DEFAULT_KEYSTORE_PASSWORD mit der Eingabe changeit mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-255",
              "description": "Credentials Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-08T21:31:04.769Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-283544 | Intelligent Apps Freenow App Keystore SSL.java hard-coded password",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.283544"
        },
        {
          "name": "VDB-283544 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.283544"
        },
        {
          "name": "Submit #434538 | Intelligent Apps GmbH FREENOW (ex Beat app) 12.10.0 Use of Hard-coded, Security-relevant Constants",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.434538"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/secuserx/CVE/blob/main/%5BHardcoded%20Keystore%20Password%5D%20found%20in%20FREENOW%20(ex%20Beat%20app)%2012.10.0%20-%20(SSL.java).md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-11-08T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-11-08T15:22:50.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Intelligent Apps Freenow App Keystore SSL.java hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-11026",
    "datePublished": "2024-11-08T21:31:04.769Z",
    "dateReserved": "2024-11-08T14:17:02.864Z",
    "dateUpdated": "2024-11-12T15:34:24.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8580 (GCVE-0-2024-8580)

Vulnerability from cvelistv5 – Published: 2024-09-08 20:31 – Updated: 2024-09-09 13:44
VLAI
Title
TOTOLINK AC1200 T8 shadow.sample hard-coded password
Summary
A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. This vulnerability affects unknown code of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
TOTOLINK AC1200 T8 Affected: 4.1.5cu.861_B20230220
Create a notification for this product.
totolink ac1200_t8_firmware Affected: 4.1.5cu.861_B20230220
    cpe:2.3:o:totolink:ac1200_t8_firmware:4.1.5cu.861_b20230220:*:*:*:*:*:*:*
Create a notification for this product.
Credits
yhryhryhr_tu (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:totolink:ac1200_t8_firmware:4.1.5cu.861_b20230220:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ac1200_t8_firmware",
            "vendor": "totolink",
            "versions": [
              {
                "status": "affected",
                "version": "4.1.5cu.861_B20230220"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8580",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-09T13:24:28.585373Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-09T13:44:21.783Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AC1200 T8",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.5cu.861_B20230220"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "yhryhryhr_tu (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. This vulnerability affects unknown code of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "In TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /etc/shadow.sample. Durch Beeinflussen mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.6,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-08T20:31:06.358Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-276814 | TOTOLINK AC1200 T8 shadow.sample hard-coded password",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.276814"
        },
        {
          "name": "VDB-276814 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.276814"
        },
        {
          "name": "Submit #401293 | TOTOLINK AC1200 T8 V4.1.5cu.861_B20230220 Use of Hard-coded Password",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.401293"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/AC1200T8/shadow.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.totolink.net/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-07T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-09-07T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-09-07T19:21:15.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK AC1200 T8 shadow.sample hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-8580",
    "datePublished": "2024-09-08T20:31:06.358Z",
    "dateReserved": "2024-09-07T17:16:11.960Z",
    "dateUpdated": "2024-09-09T13:44:21.783Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7332 (GCVE-0-2024-7332)

Vulnerability from cvelistv5 – Published: 2024-08-01 00:31 – Updated: 2024-08-06 19:35
VLAI
Title
TOTOLINK CP450 Telnet Service product.ini hard-coded password
Summary
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273255. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
TOTOLINK CP450 Affected: 4.1.0cu.747_B20191224
Create a notification for this product.
totolink cp450_firmware Affected: 4.1.0cu.747_b20191224
    cpe:2.3:o:totolink:cp450_firmware:4.1.0cu.747_b20191224:*:*:*:*:*:*:*
Create a notification for this product.
Credits
yhryhryhr_miemie (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:totolink:cp450_firmware:4.1.0cu.747_b20191224:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cp450_firmware",
            "vendor": "totolink",
            "versions": [
              {
                "status": "affected",
                "version": "4.1.0cu.747_b20191224"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7332",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-06T19:29:22.987905Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:35:53.846Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Telnet Service"
          ],
          "product": "CP450",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0cu.747_B20191224"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "yhryhryhr_miemie (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273255. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in TOTOLINK CP450 4.1.0cu.747_B20191224 ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /web_cste/cgi-bin/product.ini der Komponente Telnet Service. Durch Manipulation mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 10,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-01T00:31:04.452Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-273255 | TOTOLINK CP450 Telnet Service product.ini hard-coded password",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.273255"
        },
        {
          "name": "VDB-273255 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.273255"
        },
        {
          "name": "Submit #378357 | TOTOLINK CP450 v4.1.0cu.747_B20191224 Use of Hard-coded Password",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.378357"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/CP450/product.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-31T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-07-31T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-07-31T14:35:37.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK CP450 Telnet Service product.ini hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7332",
    "datePublished": "2024-08-01T00:31:04.452Z",
    "dateReserved": "2024-07-31T12:30:11.013Z",
    "dateUpdated": "2024-08-06T19:35:53.846Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7216 (GCVE-0-2024-7216)

Vulnerability from cvelistv5 – Published: 2024-07-30 04:00 – Updated: 2024-08-01 21:52
VLAI
Title
TOTOLINK LR1200 shadow.sample hard-coded password
Summary
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272787. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
TOTOLINK LR1200 Affected: 9.3.1cu.2832
Create a notification for this product.
totolink lr1200_firmware Affected: 9.3.1cu.2832
    cpe:2.3:o:totolink:lr1200_firmware:9.3.1cu.2832:*:*:*:*:*:*:*
Create a notification for this product.
Credits
yhryhryhr_miemie (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:totolink:lr1200_firmware:9.3.1cu.2832:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "lr1200_firmware",
            "vendor": "totolink",
            "versions": [
              {
                "status": "affected",
                "version": "9.3.1cu.2832"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7216",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-30T14:20:40.359345Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-30T14:48:20.468Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:31.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VDB-272787 | TOTOLINK LR1200 shadow.sample hard-coded password",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.272787"
          },
          {
            "name": "VDB-272787 | CTI Indicators (IOB, IOC, TTP, IOA)",
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.272787"
          },
          {
            "name": "Submit #378331 | TOTOLINK LR1200 V9.3.1cu.2832 Use of Hard-coded Password",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?submit.378331"
          },
          {
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/LR1200/shadow.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "LR1200",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "9.3.1cu.2832"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "yhryhryhr_miemie (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272787. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in TOTOLINK LR1200 9.3.1cu.2832 ausgemacht. Sie wurde als problematisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /etc/shadow.sample. Durch das Beeinflussen mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.4,
            "vectorString": "AV:A/AC:H/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-30T04:00:05.592Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-272787 | TOTOLINK LR1200 shadow.sample hard-coded password",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.272787"
        },
        {
          "name": "VDB-272787 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.272787"
        },
        {
          "name": "Submit #378331 | TOTOLINK LR1200 V9.3.1cu.2832 Use of Hard-coded Password",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.378331"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/LR1200/shadow.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-29T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-07-29T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-07-29T20:23:00.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK LR1200 shadow.sample hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7216",
    "datePublished": "2024-07-30T04:00:05.592Z",
    "dateReserved": "2024-07-29T18:17:45.931Z",
    "dateUpdated": "2024-08-01T21:52:31.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7170 (GCVE-0-2024-7170)

Vulnerability from cvelistv5 – Published: 2024-07-28 22:00 – Updated: 2024-08-01 21:52
VLAI
Title
TOTOLINK A3000RU product.ini hard-coded password
Summary
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272591. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
TOTOLINK A3000RU Affected: 5.9c.5185
Create a notification for this product.
totolink a3000ru_firmware Affected: 5.9c.5185_b20201128
    cpe:2.3:o:totolink:a3000ru_firmware:5.9c.5185_b20201128:*:*:*:*:*:*:*
Create a notification for this product.
Credits
wxhwxhwxh_mie (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:totolink:a3000ru_firmware:5.9c.5185_b20201128:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "a3000ru_firmware",
            "vendor": "totolink",
            "versions": [
              {
                "status": "affected",
                "version": "5.9c.5185_b20201128"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7170",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-29T18:12:48.112624Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T18:13:41.104Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:30.503Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VDB-272591 | TOTOLINK A3000RU product.ini hard-coded password",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.272591"
          },
          {
            "name": "VDB-272591 | CTI Indicators (IOB, IOC, TTP, IOA)",
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.272591"
          },
          {
            "name": "Submit #377957 | TOTOLINK A3000RU_Firmware V5.9c.5185 Use of Hard-coded Password",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?submit.377957"
          },
          {
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3000RU/product.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "A3000RU",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "5.9c.5185"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "wxhwxhwxh_mie (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272591. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in TOTOLINK A3000RU 5.9c.5185 ausgemacht. Sie wurde als problematisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /web_cste/cgi-bin/product.ini. Dank der Manipulation mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.7,
            "vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-28T22:00:06.652Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-272591 | TOTOLINK A3000RU product.ini hard-coded password",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.272591"
        },
        {
          "name": "VDB-272591 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.272591"
        },
        {
          "name": "Submit #377957 | TOTOLINK A3000RU_Firmware V5.9c.5185 Use of Hard-coded Password",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.377957"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3000RU/product.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-28T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-07-28T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-07-28T07:39:28.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK A3000RU product.ini hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7170",
    "datePublished": "2024-07-28T22:00:06.652Z",
    "dateReserved": "2024-07-28T05:34:20.994Z",
    "dateUpdated": "2024-08-01T21:52:30.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7159 (GCVE-0-2024-7159)

Vulnerability from cvelistv5 – Published: 2024-07-28 14:31 – Updated: 2024-08-01 21:52
VLAI
Title
TOTOLINK A3600R Telnet Service product.ini hard-coded password
Summary
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier VDB-272573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
TOTOLINK A3600R Affected: 4.1.2cu.5182_B20201102
Create a notification for this product.
totolink a3600r_firmware Affected: 4.1.2cu.5182_b20201102
    cpe:2.3:o:totolink:a3600r_firmware:4.1.2cu.5182_b20201102:*:*:*:*:*:*:*
Create a notification for this product.
Credits
wxhwxhwxh_mie (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:totolink:a3600r_firmware:4.1.2cu.5182_b20201102:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "a3600r_firmware",
            "vendor": "totolink",
            "versions": [
              {
                "status": "affected",
                "version": "4.1.2cu.5182_b20201102"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7159",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-29T13:14:43.659865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T17:06:47.984Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:30.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VDB-272573 | TOTOLINK A3600R Telnet Service product.ini hard-coded password",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.272573"
          },
          {
            "name": "VDB-272573 | CTI Indicators (IOB, IOC, TTP, IOA)",
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.272573"
          },
          {
            "name": "Submit #377942 | TOTOLINK A3600R V4.1.2cu.5182_B20201102 Use of Hard-coded Password",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?submit.377942"
          },
          {
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/product.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Telnet Service"
          ],
          "product": "A3600R",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.2cu.5182_B20201102"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "wxhwxhwxh_mie (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier VDB-272573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in TOTOLINK A3600R 4.1.2cu.5182_B20201102 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /web_cste/cgi-bin/product.ini der Komponente Telnet Service. Durch Manipulation mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4.9,
            "vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-28T14:31:06.336Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-272573 | TOTOLINK A3600R Telnet Service product.ini hard-coded password",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.272573"
        },
        {
          "name": "VDB-272573 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.272573"
        },
        {
          "name": "Submit #377942 | TOTOLINK A3600R V4.1.2cu.5182_B20201102 Use of Hard-coded Password",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.377942"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3600R/product.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-27T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-07-27T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-07-27T19:32:46.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK A3600R Telnet Service product.ini hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7159",
    "datePublished": "2024-07-28T14:31:06.336Z",
    "dateReserved": "2024-07-27T17:27:28.240Z",
    "dateUpdated": "2024-08-01T21:52:30.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7155 (GCVE-0-2024-7155)

Vulnerability from cvelistv5 – Published: 2024-07-28 10:00 – Updated: 2024-08-01 21:52
VLAI
Title
TOTOLINK A3300R shadow.sample hard-coded password
Summary
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-272569 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
References
Impacted products
Vendor Product Version
TOTOLINK A3300R Affected: 17.0.0cu.557_B20221024
Create a notification for this product.
totolink a3300r Affected: 17.0.0cu.557_B20221024
    cpe:2.3:h:totolink:a3300r:-:*:*:*:*:*:*:*
Create a notification for this product.
Credits
yhryhryhr_tu (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:totolink:a3300r:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "a3300r",
            "vendor": "totolink",
            "versions": [
              {
                "status": "affected",
                "version": "17.0.0cu.557_B20221024"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7155",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-29T14:00:45.836405Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T14:01:56.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:52:30.711Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VDB-272569 | TOTOLINK A3300R shadow.sample hard-coded password",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.272569"
          },
          {
            "name": "VDB-272569 | CTI Indicators (IOB, IOC, TTP, IOA)",
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.272569"
          },
          {
            "name": "Submit #377465 | TOTOLINK A3300R V17.0.0cu.557_B20221024 Use of Hard-coded Password",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?submit.377465"
          },
          {
            "tags": [
              "exploit",
              "x_transferred"
            ],
            "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3300R/shadow.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "A3300R",
          "vendor": "TOTOLINK",
          "versions": [
            {
              "status": "affected",
              "version": "17.0.0cu.557_B20221024"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "yhryhryhr_tu (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-272569 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
        },
        {
          "lang": "de",
          "value": "In TOTOLINK A3300R 17.0.0cu.557_B20221024 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /etc/shadow.sample. Dank der Manipulation mit unbekannten Daten kann eine use of hard-coded password-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1,
            "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-28T10:00:06.076Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-272569 | TOTOLINK A3300R shadow.sample hard-coded password",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.272569"
        },
        {
          "name": "VDB-272569 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.272569"
        },
        {
          "name": "Submit #377465 | TOTOLINK A3300R V17.0.0cu.557_B20221024 Use of Hard-coded Password",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.377465"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/A3300R/shadow.md"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-27T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-07-27T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-07-27T19:32:38.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TOTOLINK A3300R shadow.sample hard-coded password"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-7155",
    "datePublished": "2024-07-28T10:00:06.076Z",
    "dateReserved": "2024-07-27T17:27:17.368Z",
    "dateUpdated": "2024-08-01T21:52:30.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5275 (GCVE-0-2024-5275)

Vulnerability from cvelistv5 – Published: 2024-06-18 14:11 – Updated: 2024-08-01 21:11
VLAI
Title
Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier)
Summary
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
Assigner
Impacted products
Vendor Product Version
Fortra FileCatalyst Direct Affected: 3.7 , ≤ 3.8.10.138 (custom)
Create a notification for this product.
Fortra FileCatalyst Workflow Affected: 4.9.8 , ≤ 5.1.6.130 (custom)
Create a notification for this product.
fortra filecatalyst_direct Affected: 3.7 , < 3.8.10 (custom)
    cpe:2.3:a:fortra:filecatalyst_direct:3.7:*:*:*:*:*:*:*
Create a notification for this product.
fortra filecatalyst_workflow Affected: 4.9.8 , < 5.1.6 (custom)
    cpe:2.3:a:fortra:filecatalyst_workflow:4.9.8:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Greg at Palmer Research
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:fortra:filecatalyst_direct:3.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "filecatalyst_direct",
            "vendor": "fortra",
            "versions": [
              {
                "lessThan": "3.8.10",
                "status": "affected",
                "version": "3.7",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:fortra:filecatalyst_workflow:4.9.8:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "filecatalyst_workflow",
            "vendor": "fortra",
            "versions": [
              {
                "lessThan": "5.1.6",
                "status": "affected",
                "version": "4.9.8",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5275",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T18:37:44.102902Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-15T19:16:50.495Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:11:12.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.fortra.com/security/advisory/fi-2024-007"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.fortra.com/filecatalyst/kb-articles/action-required-by-june-18th-2024-filecatalyst-transferagent-ssl-and-localhost-changes-MWQwYjI3ZGItZmQyMS1lZjExLTg0MGItMDAyMjQ4MGE0MDNm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "TransferAgent"
          ],
          "product": "FileCatalyst Direct",
          "vendor": "Fortra",
          "versions": [
            {
              "lessThanOrEqual": "3.8.10.138",
              "status": "affected",
              "version": "3.7",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "FileCatalyst Workflow",
          "vendor": "Fortra",
          "versions": [
            {
              "lessThanOrEqual": "5.1.6.130",
              "status": "affected",
              "version": "4.9.8",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Greg at Palmer Research"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of\u0026nbsp;FileCatalyst Workflow from 5.1.6 Build 130 and earlier."
            }
          ],
          "value": "A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of\u00a0FileCatalyst Workflow from 5.1.6 Build 130 and earlier."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-191",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-191 Read Sensitive Constants Within an Executable"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-18T14:11:37.005Z",
        "orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
        "shortName": "Fortra"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.fortra.com/security/advisory/fi-2024-007"
        },
        {
          "url": "https://support.fortra.com/filecatalyst/kb-articles/action-required-by-june-18th-2024-filecatalyst-transferagent-ssl-and-localhost-changes-MWQwYjI3ZGItZmQyMS1lZjExLTg0MGItMDAyMjQ4MGE0MDNm"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For FileCatalyst Direct users,\u0026nbsp;upgrade to 3.8.10 build 144 (or higher)  \u003cbr\u003eFor FileCatalyst Workflow users, upgrade to 5.1.6 build 133 (or later)\u003cbr\u003eFor those using the FileCatalyst TransferAgent remotely, e.g., as a remote-controlled node accepting REST calls, update REST calls to \"http\". If \"https\" is still required, a new SSL key and add it to the agent keystore."
            }
          ],
          "value": "For FileCatalyst Direct users,\u00a0upgrade to 3.8.10 build 144 (or higher)  \nFor FileCatalyst Workflow users, upgrade to 5.1.6 build 133 (or later)\nFor those using the FileCatalyst TransferAgent remotely, e.g., as a remote-controlled node accepting REST calls, update REST calls to \"http\". If \"https\" is still required, a new SSL key and add it to the agent keystore."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
    "assignerShortName": "Fortra",
    "cveId": "CVE-2024-5275",
    "datePublished": "2024-06-18T14:11:37.005Z",
    "dateReserved": "2024-05-23T16:28:44.181Z",
    "dateUpdated": "2024-08-01T21:11:12.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-4996 (GCVE-0-2024-4996)

Vulnerability from cvelistv5 – Published: 2024-12-18 11:37 – Updated: 2025-10-07 13:21
VLAI
Title
Hardcoded Password in Wapro ERP Desktop
Summary
Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP installations. This issue affects Wapro ERP Desktop versions before 8.90.0.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-259 - Use of Hard-coded Password
  • CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
Date Public
2024-12-18 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-4996",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-18T14:45:51.568653Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-798",
                "description": "CWE-798 Use of Hard-coded Credentials",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-07T13:21:35.535Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Wapro ERP Desktop",
          "vendor": "Asseco Business Solutions S.A.",
          "versions": [
            {
              "lessThan": "8.90.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-12-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of a hard-coded password for a database administrator account created during Wapro ERP\u0026nbsp;installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP\u0026nbsp;installations.\u0026nbsp;\u003cp\u003eThis issue affects Wapro ERP Desktop versions before 8.90.0.\u003c/p\u003e"
            }
          ],
          "value": "Use of a hard-coded password for a database administrator account created during Wapro ERP\u00a0installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Wapro ERP\u00a0installations.\u00a0This issue affects Wapro ERP Desktop versions before 8.90.0."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "IRRECOVERABLE",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:I/V:C/RE:M/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-259",
              "description": "CWE-259 Use of Hard-coded Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-03T09:03:57.204Z",
        "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "shortName": "CERT-PL"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/en/posts/2024/12/CVE-2024-4995/"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://cert.pl/posts/2024/12/CVE-2024-4995/"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://wapro.pl/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Hardcoded Password in Wapro ERP Desktop",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
    "assignerShortName": "CERT-PL",
    "cveId": "CVE-2024-4996",
    "datePublished": "2024-12-18T11:37:23.937Z",
    "dateReserved": "2024-05-16T10:39:01.510Z",
    "dateUpdated": "2025-10-07T13:21:35.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design

For outbound authentication: store passwords outside of the code in a strongly-protected, encrypted configuration file or database that is protected from access by all outsiders, including other local users on the same system. Properly protect the key (CWE-320). If you cannot use encryption to protect the file, then make sure that the permissions are as restrictive as possible.

Mitigation
Architecture and Design

For inbound authentication: Rather than hard-code a default username and password for first time logins, utilize a "first login" mode that requires the user to enter a unique strong password.

Mitigation
Architecture and Design

Perform access control checks and limit which entities can access the feature that requires the hard-coded password. For example, a feature might only be enabled through the system console instead of through a network connection.

Mitigation
Architecture and Design
  • For inbound authentication: apply strong one-way hashes to your passwords and store those hashes in a configuration file or database with appropriate access control. That way, theft of the file/database still requires the attacker to try to crack the password. When receiving an incoming password during authentication, take the hash of the password and compare it to the hash that you have saved.
  • Use randomly assigned salts for each separate hash that you generate. This increases the amount of computation that an attacker needs to conduct a brute-force attack, possibly limiting the effectiveness of the rainbow table method.
Mitigation
Architecture and Design

For front-end to back-end connections: Three solutions are possible, although none are complete.

No CAPEC attack patterns related to this CWE.