Nikki2023

**Name of the Vulnerable Software and Affected Versions** USR USR-G806 version 1.0.41 **Description** A critical issue was found in the Web Management Page component, where the manipulation of the `username`/`password` argument with the input `root` leads to the use of a hard-coded password. This can be exploited remotely. The issue has been publicly disclosed and may be used for attacks. It is recommended to change the configuration settings. **Recommendations** To resolve the issue, change the configuration settings for USR USR-G806 version 1.0.41. As a temporary workaround, consider restricting access to the Web Management Page until the issue is fully addressed. Avoid using the default `root` input for the `username`/`password` argument to minimize the risk of exploitation.