Lucene search

TalosCVE-2023-46685

HistoryJul 08, 2024 - 4:15 p.m.

CVE-2023-46685

2024-07-0816:15:03

CWE-798

CWE-259

talos

web.nvd.nist.gov

levelone wbr-6013

telnetd

hard-coded password

arbitrary command execution

vulnerability

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

39.3%

JSON

A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A set of specially crafted network packets can lead to arbitrary command execution.

Affected configurations

Nvd

Vulners

Vulnrichment

Node

level1wbr-6013_firmwareMatchrer4_a_v3411b_2t2r_lev_09_170623

AND

level1wbr-6013Match-

VendorProductVersionCPE
level1wbr-6013_firmwarerer4_a_v3411b_2t2r_lev_09_170623cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*
level1wbr-6013-cpe:2.3:h:level1:wbr-6013:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
level1	wbr-6013_firmware	rer4_a_v3411b_2t2r_lev_09_170623	cpe:2.3:o:level1:wbr-6013_firmware:rer4_a_v3411b_2t2r_lev_09_170623:::::::*
level1	wbr-6013	-	cpe:2.3:h:level1:wbr-6013:-:::::::*

CNA Affected

[
  {
    "vendor": "LevelOne",
    "product": "WBR-6013",
    "versions": [
      {
        "version": "RER4_A_v3411b_2T2R_LEV_09_170623",
        "status": "affected"
      }
    ]
  }
]

References

talosintelligence.com/vulnerability_reports/TALOS-2023-1871

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.001

Percentile

39.3%

JSON

Related for CVE-2023-46685