An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.
oryginał ENCVSS Vector
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XMotorola Vigilant Fixed Lpr Coms Box
HWMotorolawszystkie wersjeMotorola Vigilant Fixed Lpr Coms Box Firmware
OSMotorola≤ 3.1.171.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2024-38281HIGH8.6ten sam produkt
An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on t...
CVE-2024-38279MEDIUM5.1ten sam produkt
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass...
CVE-2024-23627CRITICAL9.0PL ✓ten sam vendor
Command injection w parametrze SaveStaticRouteIPv4Params routera Motorola MR2600
CVE-2024-23626CRITICAL9.0PL ✓ten sam vendor
Command injection w parametrze SaveSysLogParams routera Motorola MR2600
CVE-2024-23628CRITICAL9.0PL ✓ten sam vendor
Command injection w Motorola MR2600 — parametr SaveStaticRouteIPv6Params