HIGH🇬🇧 English

CVE-2024-38280

CVSS 7.0v4.0pub. 2024-06-13upd. 2024-11-21

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.

oryginał EN
CVSS Vector
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Motorola Vigilant Fixed Lpr Coms Box

    HW
    Motorola
    wszystkie wersje
  • Motorola Vigilant Fixed Lpr Coms Box Firmware

    OS
    Motorola
    ≤ 3.1.171.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-38281HIGH8.6ten sam produkt

An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on t...

CVE-2024-38279MEDIUM5.1ten sam produkt

The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass...

CVE-2024-23627CRITICAL9.0PL ✓ten sam vendor

Command injection w parametrze SaveStaticRouteIPv4Params routera Motorola MR2600

CVE-2024-23626CRITICAL9.0PL ✓ten sam vendor

Command injection w parametrze SaveSysLogParams routera Motorola MR2600

CVE-2024-23628CRITICAL9.0PL ✓ten sam vendor

Command injection w Motorola MR2600 — parametr SaveStaticRouteIPv6Params