CVE-2018-6312

Name of the Vulnerable Software and Affected Versions Foxconn femtocell FEMTO AP-FC4064-T version AP GT B38 5.8.3lb15-W47 LTE Build 15

Description A default weak password in a privileged account can be exploited to enable the TELNET service through the web interface, allowing root login without a password. This can lead to full system compromise and the disclosure of user communications. The foxconn account has an 8-character lowercase alphabetic default password.

Recommendations For Foxconn femtocell FEMTO AP-FC4064-T version AP GT B38 5.8.3lb15-W47 LTE Build 15, change the default password of the foxconn account to a strong password to prevent unauthorized access. As a temporary workaround, consider disabling the TELNET service via the web interface until a secure configuration or patch is available. Restrict access to the web interface to minimize the risk of exploitation.