Lucene search

[email protected]CVE-2023-49253

HistoryJan 12, 2024 - 3:15 p.m.

CVE-2023-49253

2024-01-1215:15:08

CWE-798

[email protected]

web.nvd.nist.gov

cve-2023-49253

root user password

device

hardcoded

unchangeable

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Root user password is hardcoded into the device and cannot be changed in the user interface.

Affected configurations

NVD

Node

hongdianh8951-4g-espMatch-

AND

hongdianh8951-4g-esp_firmwareRange<2310271149

CPENameOperatorVersion
hongdian:h8951-4g-esp_firmwarehongdian h8951-4g-esp firmwarelt2310271149 

CPE	Name	Operator	Version
hongdian:h8951-4g-esp_firmware	hongdian h8951-4g-esp firmware	lt	2310271149

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "H8951-4G-ESP",
    "vendor": "Hongdian",
    "versions": [
      {
        "lessThan": "2310271149",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

cert.pl/en/posts/2024/01/CVE-2023-49253/

cert.pl/posts/2024/01/CVE-2023-49253/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for CVE-2023-49253

nvd1 prion1 cvelist1