Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 (-D/-K/-S/-DK/-DKS/-M/-W) firmware Ver. 1.03.45 and earlier allows a network-adjacent unauthenticated attacker to intercept wireless LAN communication, when the affected product performs the communication without changing the pre-shared key from the factory-default configuration.
[
{
"vendor": "Micro Research Ltd.",
"product": "MR-GM2",
"versions": [
{
"version": "firmware Ver. 3.00.03 and earlier",
"status": "affected"
}
]
},
{
"vendor": "Micro Research Ltd.",
"product": "MR-GM3 (-D/-K/-S/-DK/-DKS/-M/-W)",
"versions": [
{
"version": "firmware Ver. 1.03.45 and earlier",
"status": "affected"
}
]
}
]