CRITICAL🇬🇧 English

CVE-2023-30603

CVSS 9.8v3.1pub. 2023-06-02upd. 2024-11-21

Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. An unauthenticated remote attackers can exploit this vulnerability to obtain the administrator’s privilege, resulting in performing arbitrary system operation or disrupt service.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Hitrontech Coda 5310

    HW
    Hitrontech
    wszystkie wersje
  • Hitrontech Coda 5310 Firmware

    OS
    Hitrontech
    7.2.4.7.1b3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-30604CRITICAL9.8ten sam produkt

It is identified a vulnerability of insufficient authentication in the system configuration interface of Hitro...

CVE-2022-47616HIGH7.2ten sam produkt

Hitron CODA-5310 has insufficient filtering for specific parameters in the connection test function. A remote ...

CVE-2022-47617HIGH7.2ten sam produkt

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker authenticate...

CVE-2023-30602HIGH7.5ten sam produkt

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An unauthenticated remo...

CVE-2024-25730CRITICAL9.8PL ✓ten sam vendor

Hitron CODA-4582/4589 — słabe domyślne klucze PSK z niewystarczającą entropią