CVE-2014-10069

Name of the Vulnerable Software and Affected Versions Hitron devices (affected versions not specified)

Description The issue allows attackers to obtain sensitive information by decrypting a backup configuration file. This is possible because the devices use a shared DES key, 578A958E3DD933FC, across different customers' installations. The um auth account password field contains a password hash that can be accessed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.