62 matches found
CVE-2023-24508
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...
CVE-2023-24508
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...
CVE-2023-24022
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
CVE-2023-24022
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
Command injection
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have...
Hardcoded credentials
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
多款Baicells Nova产品信任管理问题漏洞
Baicells Nova 227 is a miniature base station.Baicells Nova 233 is a miniature base station.Baicells Nova 243 is a miniature base station. A trust management issue vulnerability exists in the Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB device firmware prior to RTS/RTD 3.7.11.6. The...
多款Baicells Nova产品跨站脚本漏洞
Baicells Nova 227 is a miniature base station.Baicells Nova 233 is a miniature base station.Baicells Nova 243 is a miniature base station. A security vulnerability exists in the Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB firmware version RTS/RTD 3.6.6, which originates from a...
CVE-2023-24508 Remote Code Execution in Baicells RTS Platform
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...
CVE-2023-24508
CVE-2023-24508 affects Baicells Nova 227, Nova 233, Nova 243 (and Nova 246) LTE TDD eNodeB devices with RTS/RTD 3.6.6. The vulnerability allows remote code execution via HTTP command injections, with commands executed in pre-login context and at root privilege level. Technical details in the conn...
CVE-2023-24508 Remote Code Execution in Baicells RTS Platform
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...
CVE-2023-24022
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware RTS/RTD 3.7.11.3 contain hardcoded credentials stored in the firmware and encrypted by the crypt function, allowing remote attackers to authenticate via SSH. This is documented across multiple sources (NVD/Red Hat/CNNV...
CVE-2023-24022 Hard Coded Credential Crypt Vulnerability
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
CVE-2023-24022 Hard Coded Credential Crypt Vulnerability
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
PT-2023-7914 · Baicells · Baicells Nova 233 +3
Name of the Vulnerable Software and Affected Versions: Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 Description: The issue exists due to inadequate protection of the web page structure in Baicells LTE network management systems...
PT-2023-19365 · Baicells · Baicells Nova 233 +2
Name of the Vulnerable Software and Affected Versions: Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 Description: The issue concerns hardcoded credentials in the firmware of the affected devices. These credentials are easily discoverable a...
CVE-2022-24693
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
CVE-2022-24693
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
Hardcoded credentials
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...
CVE-2022-24693
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...