Common Weakness Enumeration

CWE-489

Allowed

Active Debug Code

Abstraction: Base · Status: Draft

The product is released with debugging code still enabled or active.

141 vulnerabilities reference this CWE, most recent first.

CVE-2024-28008 (GCVE-0-2024-28008)

Vulnerability from cvelistv5 – Published: 2024-03-28 00:52 – Updated: 2025-01-14 03:52
VLAI
Summary
Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
NEC
Impacted products
Vendor Product Version
NEC Corporation WG1800HP4 Affected: all versions
Create a notification for this product.
NEC Corporation WG1200HS3 Affected: all versions
Create a notification for this product.
NEC Corporation WG1900HP2 Affected: all versions
Create a notification for this product.
NEC Corporation WG1200HP3 Affected: all versions
Create a notification for this product.
NEC Corporation WG1800HP3 Affected: all versions
Create a notification for this product.
NEC Corporation WG1200HS2 Affected: all versions
Create a notification for this product.
NEC Corporation WG1900HP Affected: all versions
Create a notification for this product.
NEC Corporation WG1200HP2 Affected: all versions
Create a notification for this product.
NEC Corporation W1200EX(-MS) Affected: all versions
Create a notification for this product.
NEC Corporation WG1200HS Affected: all versions
Create a notification for this product.
NEC Corporation WG1200HP Affected: all versions
Create a notification for this product.
NEC Corporation WF300HP2 Affected: all versions
Create a notification for this product.
NEC Corporation W300P Affected: all versions
Create a notification for this product.
NEC Corporation WF800HP Affected: all versions
Create a notification for this product.
NEC Corporation WR8165N Affected: all versions
Create a notification for this product.
NEC Corporation WG2200HP Affected: all versions
Create a notification for this product.
NEC Corporation WF1200HP2 Affected: all versions
Create a notification for this product.
NEC Corporation WG1800HP2 Affected: all versions
Create a notification for this product.
NEC Corporation WF1200HP Affected: all versions
Create a notification for this product.
NEC Corporation WG600HP Affected: all versions
Create a notification for this product.
NEC Corporation WG300HP Affected: all versions
Create a notification for this product.
NEC Corporation WF300HP Affected: all versions
Create a notification for this product.
NEC Corporation WG1800HP Affected: all versions
Create a notification for this product.
NEC Corporation WG1400HP Affected: all versions
Create a notification for this product.
NEC Corporation WR8175N Affected: all versions
Create a notification for this product.
NEC Corporation WR9300N Affected: all versions
Create a notification for this product.
NEC Corporation WR8750N Affected: all versions
Create a notification for this product.
NEC Corporation WR8160N Affected: all versions
Create a notification for this product.
NEC Corporation WR9500N Affected: all versions
Create a notification for this product.
NEC Corporation WR8600N Affected: all versions
Create a notification for this product.
NEC Corporation WR8370N Affected: all versions
Create a notification for this product.
NEC Corporation WR8170N Affected: all versions
Create a notification for this product.
NEC Corporation WR8700N Affected: all versions
Create a notification for this product.
NEC Corporation WR8300N Affected: all versions
Create a notification for this product.
NEC Corporation WR8150N Affected: all versions
Create a notification for this product.
NEC Corporation WR4100N Affected: all versions
Create a notification for this product.
NEC Corporation WR4500N Affected: all versions
Create a notification for this product.
NEC Corporation WR8100N Affected: all versions
Create a notification for this product.
NEC Corporation WR8500N Affected: all versions
Create a notification for this product.
NEC Corporation CR2500P Affected: all versions
Create a notification for this product.
NEC Corporation WR8400N Affected: all versions
Create a notification for this product.
NEC Corporation WR8200N Affected: all versions
Create a notification for this product.
NEC Corporation WR1200H Affected: all versions
Create a notification for this product.
NEC Corporation WR7870S Affected: all versions
Create a notification for this product.
NEC Corporation WR6670S Affected: all versions
Create a notification for this product.
NEC Corporation WR7850S Affected: all versions
Create a notification for this product.
NEC Corporation WR6650S Affected: all versions
Create a notification for this product.
NEC Corporation WR6600H Affected: all versions
Create a notification for this product.
NEC Corporation WR7800H Affected: all versions
Create a notification for this product.
NEC Corporation WM3400RN Affected: all versions
Create a notification for this product.
NEC Corporation WM3450RN Affected: all versions
Create a notification for this product.
NEC Corporation WM3500R Affected: all versions
Create a notification for this product.
NEC Corporation WM3600R Affected: all versions
Create a notification for this product.
NEC Corporation WM3800R Affected: all versions
Create a notification for this product.
NEC Corporation WR8166N Affected: all versions
Create a notification for this product.
NEC Corporation MR01LN Affected: all versions
Create a notification for this product.
NEC Corporation MR02LN Affected: all versions
Create a notification for this product.
NEC Corporation WG1810HP(JE) Affected: all versions
Create a notification for this product.
NEC Corporation WG1810HP(MF) Affected: all versions
Create a notification for this product.
nec aterm_wg1800hp4_firmware Affected: 0 , ≤ * (custom)
    cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_w1200ex-ms_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wf300hp2_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wf800hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1200hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1200hs2_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1200hs_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:h:nec:aterm_wg1800hp3:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1900hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr8165n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1200hp3_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1900hp2_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1200hs3_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:nec:aterm_wg1800hp4_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Katsuhiko Sato and Ryo Kashiro of 00One, Inc. and Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:nec:aterm_wr8700n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_w1200ex-ms_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wf300hp2_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wf300hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wf800hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1200hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1200hs2_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1200hs_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1400hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1800hp2_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:nec:aterm_wg1800hp3:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1800hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1900hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg2200hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg300hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg600hp_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr8165n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr8170n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr8175n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr8370n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr8600n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr8750n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr9300n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wr9500n_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1200hp3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1900hp2_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1200hs3_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:nec:aterm_wg1800hp4_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "aterm_wg1800hp4_firmware",
            "vendor": "nec",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-28008",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-02T13:05:24.151876Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T16:41:51.065Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:48:47.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP4",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HS3",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1900HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HP3",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP3",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HS2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1900HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "W1200EX(-MS)",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HS",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1200HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF300HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "W300P",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF800HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8165N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG2200HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF1200HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP2",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF1200HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG600HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG300HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WF300HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1800HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1400HP",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8175N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR9300N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8750N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8160N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR9500N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8600N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8370N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8170N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8700N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8300N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8150N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR4100N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR4500N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8100N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8500N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "CR2500P",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8400N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8200N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR1200H",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR7870S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR6670S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR7850S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR6650S",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR6600H",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR7800H",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3400RN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3450RN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3500R",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3600R",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WM3800R",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WR8166N",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "MR01LN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "MR02LN",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1810HP(JE)",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "WG1810HP(MF)",
          "vendor": "NEC Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "all versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Katsuhiko Sato and Ryo Kashiro of 00One, Inc. and Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet."
            }
          ],
          "value": "Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, WF800HP, WR8165N, WG2200HP, WF1200HP2, WG1800HP2, WF1200HP, WG600HP, WG300HP, WF300HP, WG1800HP, WG1400HP, WR8175N, WR9300N, WR8750N, WR8160N, WR9500N, WR8600N, WR8370N, WR8170N, WR8700N, WR8300N, WR8150N, WR4100N, WR4500N, WR8100N, WR8500N, CR2500P, WR8400N, WR8200N, WR1200H, WR7870S, WR6670S, WR7850S, WR6650S, WR6600H, WR7800H, WM3400RN, WM3450RN, WM3500R, WM3600R, WM3800R, WR8166N, MR01LN MR02LN, WG1810HP(JE) and WG1810HP(MF) all versions allows a attacker to execute an arbitrary OS command via the internet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Active Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T03:52:42.613Z",
        "orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
        "shortName": "NEC"
      },
      "references": [
        {
          "url": "https://jpn.nec.com/security-info/secinfo/nv24-001_en.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
    "assignerShortName": "NEC",
    "cveId": "CVE-2024-28008",
    "datePublished": "2024-03-28T00:52:51.641Z",
    "dateReserved": "2024-02-29T08:40:07.582Z",
    "dateUpdated": "2025-01-14T03:52:42.613Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-21827 (GCVE-0-2024-21827)

Vulnerability from cvelistv5 – Published: 2024-06-25 14:01 – Updated: 2025-11-04 17:14
VLAI
Summary
A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Tp-Link ER7206 Omada Gigabit VPN Router Affected: 1.4.1 Build 20240117 Rel.57421
Create a notification for this product.
tp-link er7206 Affected: 1.4.1
    cpe:2.3:h:tp-link:er7206:1.4.1:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Discovered by the Vulnerability Discovery and Research team of Cisco Talos.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:tp-link:er7206:1.4.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "er7206",
            "vendor": "tp-link",
            "versions": [
              {
                "status": "affected",
                "version": "1.4.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21827",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T03:55:30.451509Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T13:04:19.580Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:14:15.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ER7206 Omada Gigabit VPN Router",
          "vendor": "Tp-Link",
          "versions": [
            {
              "status": "affected",
              "version": "1.4.1 Build 20240117 Rel.57421"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Leftover Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-25T17:00:06.591Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2024-21827",
    "datePublished": "2024-06-25T14:01:26.644Z",
    "dateReserved": "2024-02-14T16:25:03.146Z",
    "dateUpdated": "2025-11-04T17:14:15.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-21785 (GCVE-0-2024-21785)

Vulnerability from cvelistv5 – Published: 2024-05-28 15:30 – Updated: 2025-02-13 17:33
VLAI
Summary
A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
AutomationDirect P3-550E Affected: 1.2.10.9
Create a notification for this product.
automationdirect p3-550e Affected: 1.2.10.9
    cpe:2.3:h:automationdirect:p3-550e:1.2.10.9:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Discovered by Matt Wiseman of Cisco Talos.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:automationdirect:p3-550e:1.2.10.9:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "p3-550e",
            "vendor": "automationdirect",
            "versions": [
              {
                "status": "affected",
                "version": "1.2.10.9"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21785",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-28T19:44:44.655610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:38:08.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:27:36.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942"
          },
          {
            "name": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038",
            "tags": [
              "x_transferred"
            ],
            "url": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1942"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "P3-550E",
          "vendor": "AutomationDirect",
          "versions": [
            {
              "status": "affected",
              "version": "1.2.10.9"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Matt Wiseman of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Leftover Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-10T16:07:49.309Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1942"
        },
        {
          "name": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038",
          "url": "https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038"
        },
        {
          "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1942"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2024-21785",
    "datePublished": "2024-05-28T15:30:14.463Z",
    "dateReserved": "2024-02-01T21:51:56.707Z",
    "dateUpdated": "2025-02-13T17:33:19.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9644 (GCVE-0-2024-9644)

Vulnerability from cvelistv5 – Published: 2025-02-04 14:58 – Updated: 2025-11-19 20:35
VLAI
Title
Four-Faith F3x36 bapply.cgi Auth Bypass
Summary
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the "bapply.cgi" endpoint instead of the normal "apply.cgi" endpoint. A remote and unauthenticated can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-489 - Active Debug Code
  • CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
Vendor Product Version
Four-Faith F3x36 Affected: 2.0.0 (semver)
Create a notification for this product.
Credits
Jacob Baines
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9644",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T15:48:55.611580Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-04T15:49:20.305Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "F3x36",
          "vendor": "Four-Faith",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:four-faith:f3x36_firmware:2.0.0:*:*:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jacob Baines"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an \nauthentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the \"bapply.cgi\" endpoint instead of the normal \"apply.cgi\" endpoint. A remote and unauthenticated can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities.\u003cbr\u003e"
            }
          ],
          "value": "The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an \nauthentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the \"bapply.cgi\" endpoint instead of the normal \"apply.cgi\" endpoint. A remote and unauthenticated can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489 Active Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T20:35:28.936Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vulncheck.com/advisories/four-faith-hidden-api"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Four-Faith F3x36 bapply.cgi Auth Bypass",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2024-9644",
    "datePublished": "2025-02-04T14:58:03.363Z",
    "dateReserved": "2024-10-08T18:08:01.273Z",
    "dateUpdated": "2025-11-19T20:35:28.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-9643 (GCVE-0-2024-9643)

Vulnerability from cvelistv5 – Published: 2025-02-04 14:47 – Updated: 2025-11-22 01:43
VLAI
Title
Four-Faith F3x36 Hidden Debug Credentials
Summary
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Four-Faith F3x36 Affected: 2.0.0 (semver)
Create a notification for this product.
Credits
Jacob Baines
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9643",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T15:51:11.212644Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-04T15:51:15.735Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "F3x36",
          "vendor": "Four-Faith",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:four-faith:f3x24:2.0.0:*:*:*:*:*:*:*",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jacob Baines"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The Four-Faith\u0026nbsp;F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645.\u003cbr\u003e"
            }
          ],
          "value": "The Four-Faith\u00a0F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web server. An attacker with knowledge of the credentials can gain administrative access via crafted HTTP requests. This issue appears similar to CVE-2023-32645."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-70",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489 Active Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-22T01:43:40.757Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vulncheck.com/advisories/four-faith-hard-coded-creds"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Four-Faith F3x36 Hidden Debug Credentials",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2024-9643",
    "datePublished": "2025-02-04T14:47:40.214Z",
    "dateReserved": "2024-10-08T18:08:00.149Z",
    "dateUpdated": "2025-11-22T01:43:40.757Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-7756 (GCVE-0-2024-7756)

Vulnerability from cvelistv5 – Published: 2024-09-13 17:26 – Updated: 2024-09-16 17:51
VLAI
Summary
A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Lenovo 10w (Type 82ST, 82SU) Laptop (Lenovo) BIOS Affected: 0 , < JSCN28WW (custom)
Create a notification for this product.
Lenovo L390 (type 20NR, 20NS) Laptops (ThinkPad) BIOS Affected: 0 , < 1.47 (custom)
Create a notification for this product.
Lenovo L390 Yoga (type 20NT, 20NU) Laptops (ThinkPad) BIOS Affected: 0 , < 1.47 (custom)
Create a notification for this product.
lenovo thinkpad_l390_yoga_firmware Affected: 0 , < 1.47 (custom)
    cpe:2.3:o:lenovo:thinkpad_l390_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:lenovo:thinkpad_l390_yoga_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
lenovo 10w_firmware Affected: 0 , < jscn28ww (custom)
    cpe:2.3:o:lenovo:10w_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Lenovo thanks Warren Togami for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:lenovo:thinkpad_l390_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:lenovo:thinkpad_l390_yoga_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "thinkpad_l390_yoga_firmware",
            "vendor": "lenovo",
            "versions": [
              {
                "lessThan": "1.47",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:lenovo:10w_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "10w_firmware",
            "vendor": "lenovo",
            "versions": [
              {
                "lessThan": "jscn28ww",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-13T21:04:45.731099Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-16T17:51:12.837Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "10w (Type 82ST, 82SU) Laptop (Lenovo) BIOS",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "JSCN28WW",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "L390 (type 20NR, 20NS) Laptops (ThinkPad) BIOS",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "1.47",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "L390 Yoga (type 20NT, 20NU) Laptops (ThinkPad) BIOS",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "1.47",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lenovo thanks Warren Togami for reporting this issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell. \u003c/span\u003e"
            }
          ],
          "value": "A potential vulnerability was reported in the ThinkPad L390 Yoga and 10w Notebook that could allow a local attacker to escalate privileges by accessing an embedded UEFI shell."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Active Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-13T17:26:58.798Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "url": "https://support.lenovo.com/us/en/product_security/LEN-165524"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update system firmware to the version (or newer) indicated for your model in the advisory:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-165524\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-165524\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "Update system firmware to the version (or newer) indicated for your model in the advisory:\u00a0 https://support.lenovo.com/us/en/product_security/LEN-165524"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2024-7756",
    "datePublished": "2024-09-13T17:26:58.798Z",
    "dateReserved": "2024-08-13T17:13:25.142Z",
    "dateUpdated": "2024-09-16T17:51:12.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-49593 (GCVE-0-2023-49593)

Vulnerability from cvelistv5 – Published: 2024-07-08 15:22 – Updated: 2025-11-04 17:13
VLAI
Summary
Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
LevelOne WBR-6013 Affected: RER4_A_v3411b_2T2R_LEV_09_170623
Create a notification for this product.
level_one wbr6013 Affected: rer4_a_v3411b_2t2r_lev_09_170623
    cpe:2.3:a:level_one:wbr6013:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:level_one:wbr6013:rer4_a_v3411b_2t2r_lev_09_170623:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wbr6013",
            "vendor": "level_one",
            "versions": [
              {
                "status": "affected",
                "version": "rer4_a_v3411b_2t2r_lev_09_170623"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-49593",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T16:29:03.555096Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T16:29:09.941Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:13:19.140Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1873",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1873"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1873"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "WBR-6013",
          "vendor": "LevelOne",
          "versions": [
            {
              "status": "affected",
              "version": "RER4_A_v3411b_2T2R_LEV_09_170623"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A specially crafted network request can lead to arbitrary command execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Leftover Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-08T17:00:17.626Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1873",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1873"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-49593",
    "datePublished": "2024-07-08T15:22:29.162Z",
    "dateReserved": "2023-11-30T13:39:07.409Z",
    "dateUpdated": "2025-11-04T17:13:19.140Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-34346 (GCVE-0-2023-34346)

Vulnerability from cvelistv5 – Published: 2023-10-11 15:14 – Updated: 2025-11-04 19:16
VLAI
Summary
A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Yifan YF325 Affected: v1.0_20221108
Create a notification for this product.
yifanwireless yf325_firmware Affected: 1.0_20221108
    cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:16:43.158Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1764",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1764"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1764"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "yf325_firmware",
            "vendor": "yifanwireless",
            "versions": [
              {
                "status": "affected",
                "version": "1.0_20221108"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-34346",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-18T13:38:55.302824Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-18T13:39:35.424Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "YF325",
          "vendor": "Yifan",
          "versions": [
            {
              "status": "affected",
              "version": "v1.0_20221108"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Leftover Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-11T17:00:08.032Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1764",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1764"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-34346",
    "datePublished": "2023-10-11T15:14:30.390Z",
    "dateReserved": "2023-06-12T17:06:03.616Z",
    "dateUpdated": "2025-11-04T19:16:43.158Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-32645 (GCVE-0-2023-32645)

Vulnerability from cvelistv5 – Published: 2023-10-11 15:14 – Updated: 2025-11-04 19:16
VLAI
Summary
A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Yifan YF325 Affected: v1.0_20221108
Create a notification for this product.
yifanwireless yf325_firmware Affected: 1.0_20221108
    cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Discovered by Francesco Benvenuto of Cisco Talos.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:16:24.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1752"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "yf325_firmware",
            "vendor": "yifanwireless",
            "versions": [
              {
                "status": "affected",
                "version": "1.0_20221108"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32645",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-18T13:58:25.963559Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-18T14:00:06.417Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "YF325",
          "vendor": "Yifan",
          "versions": [
            {
              "status": "affected",
              "version": "v1.0_20221108"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by Francesco Benvenuto of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Leftover Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-11T17:00:06.596Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-32645",
    "datePublished": "2023-10-11T15:14:32.925Z",
    "dateReserved": "2023-06-01T17:20:17.570Z",
    "dateUpdated": "2025-11-04T19:16:24.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-21496 (GCVE-0-2023-21496)

Vulnerability from cvelistv5 – Published: 2023-05-04 00:00 – Updated: 2025-02-12 16:16
VLAI
Summary
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Samsung Mobile Samsung Mobile Devices Affected: Android 11, 12, 13 , < SMR May-2023 Release 1 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:36:34.619Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=05"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21496",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T19:38:20.262629Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T16:16:52.915Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Samsung Mobile Devices",
          "vendor": "Samsung Mobile",
          "versions": [
            {
              "lessThan": "SMR May-2023 Release 1",
              "status": "affected",
              "version": "Android 11, 12, 13",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Active Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-04T00:00:00.000Z",
        "orgId": "3af57064-a867-422c-b2ad-40307b65c458",
        "shortName": "Samsung Mobile"
      },
      "references": [
        {
          "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=05"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
    "assignerShortName": "Samsung Mobile",
    "cveId": "CVE-2023-21496",
    "datePublished": "2023-05-04T00:00:00.000Z",
    "dateReserved": "2022-11-14T00:00:00.000Z",
    "dateUpdated": "2025-02-12T16:16:52.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Build and Compilation Distribution

Remove debug code before deploying the application.

CAPEC-121: Exploit Non-Production Interfaces

An adversary exploits a sample, demonstration, test, or debug interface that is unintentionally enabled on a production system, with the goal of gleaning information or leveraging functionality that would otherwise be unavailable.

CAPEC-661: Root/Jailbreak Detection Evasion via Debugging

An adversary inserts a debugger into the program entry point of a mobile application to modify the application binary, with the goal of evading Root/Jailbreak detection. Mobile device users often Root/Jailbreak their devices in order to gain administrative control over the mobile operating system and/or to install third-party mobile applications that are not provided by authorized application stores (e.g. Google Play Store and Apple App Store). Rooting/Jailbreaking a mobile device also provides users with access to system debuggers and disassemblers, which can be leveraged to exploit applications by dumping the application's memory at runtime in order to remove or bypass signature verification methods. This further allows the adversary to evade Root/Jailbreak detection mechanisms, which can result in execution of administrative commands, obtaining confidential data, impersonating legitimate users of the application, and more.