{"uuid": "6b5df5ff-ef8d-4d1a-a807-45d84dad7694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31808", "type": "exploited", "source": "https://t.me/Rootsec_2/381", "content": "\ud83d\udca5Hard-coded credentials in Technicolor TG670 DSL gateway router(CVE-2023-31808)\nThe Technicolor TG670 Router DSL Gateway Router includes a hard-coded service account that allows for authentication over services on the WAN interface, using HTTP, SSH, or TELNET. The authenticated user can use it to gain full administrative control of the router.\n\n\u26a0\ufe0fA remote attacker can use the default username and password to login as the administrator to the router device. This allows the attacker to modify any of the administrative settings of the router and use it in unexpected ways. This requires Remote Administration is enabled on the router, which is the default setting.", "creation_timestamp": "2024-08-16T08:08:28.000000Z"}