CRITICAL🇵🇱 Wersja polska

CVE-2023-49255

CVSS 9.8v3.1pub. 2024-01-12upd. 2025-06-03

The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. If any other user is currently logged in, the anonymous user can execute commands in the context of the authenticated one. If the logged in user has administrative privileges, it is possible to use webadmin service configuration commands to create a new admin user with a chosen password.

🤖 AI Analysis
How it works

The vulnerability results from the lack of authentication enforcement (CWE-306) for the router console's "data" endpoint. Session state is shared between users — if any user is logged in at the same time, an anonymous attacker can execute commands in the context of that session. When the active session belongs to an administrator, the attacker can use webadmin service configuration commands to create a new administrator account with an arbitrarily chosen password.

Impact

A remote, unauthenticated attacker can take full administrative control of the router by creating a new administrator account, resulting in complete breach of confidentiality, integrity, and availability of the device.

Mitigation & patch

Apply patches available from the manufacturer according to the references. Additionally, it is recommended to restrict network access to the router's management interface only to trusted IP addresses and to monitor unauthorized access attempts to the console.

Who is affected

Hongdian H8951-4G-Esp Firmware and Hongdian H8951-4G-Esp devices; specific versions indicated in manufacturer references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Hongdian H8951 4g Esp

    HW
    Hongdian
    wszystkie wersje
  • Hongdian H8951 4g Esp Firmware

    OS
    Hongdian
    < 2310271149
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-49253CRITICAL9.8PL ✓ten sam produkt

Hardkodowane hasło roota w urządzeniu Hongdian H8951-4G-Esp

CVE-2023-49262CRITICAL9.8PL ✓ten sam produkt

Pominięcie uwierzytelnienia przez przepełnienie pola Cookie w Hongdian H8951-4G-Esp

CVE-2023-49259HIGH7.5ten sam produkt

The authentication cookies are generated using an algorithm based on the username, hardcoded secret and the up...

CVE-2023-49257HIGH8.8ten sam produkt

An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility ...

CVE-2023-49261HIGH7.5ten sam produkt

The "tokenKey" value used in user authorization is visible in the HTML source of the login page.