Baicells Nova

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baicells Equipment: Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 Vulnerability: Command injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow commands performed...

CVE-2023-0776

Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following metho...

CVE-2023-0776

Baicells Nova 436Q, Nova 430E, Nova 430I and Neutrino 430 LTE TDD eNodeB devices with firmware up to QRTB 2.12.7 are vulnerable to remote shell code execution via HTTP command injections. Affected firmware versions may execute commands with root privileges in pre-login context. Baicells indicates...

Baicells Nova

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Baicells Technologies Equipment: Nova Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands. 3...

CVE-2023-24508

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...

CVE-2023-24022

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

Command injection

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have...

Hardcoded credentials

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

CVE-2023-24508

CVE-2023-24508 affects Baicells Nova 227, Nova 233, Nova 243 (and Nova 246) LTE TDD eNodeB devices with RTS/RTD 3.6.6. The vulnerability allows remote code execution via HTTP command injections, with commands executed in pre-login context and at root privilege level. Technical details in the conn...

CVE-2023-24508 Remote Code Execution in Baicells RTS Platform

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...

CVE-2023-24022 Hard Coded Credential Crypt Vulnerability

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

CVE-2023-24022

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware RTS/RTD 3.7.11.3 contain hardcoded credentials stored in the firmware and encrypted by the crypt function, allowing remote attackers to authenticate via SSH. This is documented across multiple sources (NVD/Red Hat/CNNV...

Malicious code in tdd-react-store-locator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 855af4e7b69589b68e5747b1f884b744012d8435eac0ab9c915f2fea942d3189 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Huawei Data Communication: Memory Leak Vulnerability in Several Huawei Products (huawei-sa-20171213-04-xml)

There is a memory leak vulnerability in several Huawei products. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

amaze-tdd (>=0.0.9 <=0.2.5) potentially affected by CVE-2016-10562 via iedriver (=2.53.1)

iedriver NPM version =2.53.1 is affected by a known vulnerability. The following packages have a transitive dependency on iedriver and may be impacted: - amaze-tdd =0.0.9, =0.2.5 Source cves: CVE-2016-10562 Source advisory: OSV:GHSA-JFGQ-G48X-JQ83...

CVE-2017-15326

DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker...

CVE-2017-15326

CVE-2017-15326 affects Huawei DBS3900 TDD LTE (V100R003C00, V100R004C10). The issue is a weak encryption algorithm vulnerability where SSL/TLS negotiation can select insecure ciphers, allowing an unauthenticated remote attacker to crack encrypted data and cause information leakage. Public referen...

Huawei DBS3900 TDD LTE Weak Encryption Algorithm Vulnerability

DBS3900 TDD LTE is a modular design network equipment product from Huawei, China. The Huawei DBS3900 TDD LTE suffers from a weak encryption algorithm vulnerability, which can be exploited by remote attackers to crack the encrypted data, leading to information leakage...

Security Advisory - Weak Algorithm Vulnerability on Huawei Products

There is a weak encryption algorithm security vulnerability in the DBS3900 TDD LTE. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit th...