Default credentials

2023-11-1411:15:00

PRIOn knowledge base

www.prio-n.com

default credentials

unauthorized access

insufficient checks

privilege escalation.

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

Affected devices allow to change the password, but insufficiently check which password is to be changed. With this an authenticated attacker could, under certain conditions, be able to change the password of another, potential admin user allowing her to escalate her privileges.

CPENameOperatorVersion
6ag1206-2bb00-7ac2_firmwarelt4.5
6ag1206-2bs00-7ac2_firmwarelt4.5
6ag1208-0ba00-7ac2_firmwarelt4.5
6ag1216-4bs00-7ac2_firmwarelt4.5
6gk5204-0ba00-2gf2_firmwarelt4.5
6gk5204-0ba00-2yf2_firmwarelt4.5
6gk5204-2aa00-2gf2_firmwarelt4.5
6gk5204-2aa00-2yf2_firmwarelt4.5
6gk5205-3bb00-2ab2_firmwarelt4.5
6gk5205-3bb00-2tb2_firmwarelt4.5

Name	Operator	Version
6ag1206-2bb00-7ac2_firmware	lt	4.5
6ag1206-2bs00-7ac2_firmware	lt	4.5
6ag1208-0ba00-7ac2_firmware	lt	4.5
6ag1216-4bs00-7ac2_firmware	lt	4.5
6gk5204-0ba00-2gf2_firmware	lt	4.5
6gk5204-0ba00-2yf2_firmware	lt	4.5
6gk5204-2aa00-2gf2_firmware	lt	4.5
6gk5204-2aa00-2yf2_firmware	lt	4.5
6gk5205-3bb00-2ab2_firmware	lt	4.5
6gk5205-3bb00-2tb2_firmware	lt	4.5