CVE-2021-39289

Name of the Vulnerable Software and Affected Versions NetModule NB800 versions prior to 4.3.0.113 NetModule NB1600 versions prior to 4.3.0.113 NetModule NB1601 versions prior to 4.3.0.113 NetModule NB1800 versions prior to 4.3.0.113 NetModule NB1810 versions prior to 4.3.0.113 NetModule NB2700 versions prior to 4.3.0.113 NetModule NB2710 versions prior to 4.3.0.113 NetModule NB2800 versions prior to 4.4.0.111 NetModule NB2810 versions prior to 4.4.0.111 NetModule NB3700 versions prior to 4.5.0.105 NetModule NB3701 versions prior to 4.5.0.105 NetModule NB3710 versions prior to 4.5.0.105 NetModule NB3711 versions prior to 4.5.0.105 NetModule NB3720 versions prior to 4.5.0.105 NetModule NB3800 versions prior to 4.5.0.105

Description The issue concerns insecure password handling, where passwords are stored in cleartext or reversible encryption. This affects various NetModule devices with firmware versions before specific updates.

Recommendations For NetModule NB800, update to firmware version 4.3.0.113 or later. For NetModule NB1600, update to firmware version 4.3.0.113 or later. For NetModule NB1601, update to firmware version 4.3.0.113 or later. For NetModule NB1800, update to firmware version 4.3.0.113 or later. For NetModule NB1810, update to firmware version 4.3.0.113 or later. For NetModule NB2700, update to firmware version 4.3.0.113 or later. For NetModule NB2710, update to firmware version 4.3.0.113 or later. For NetModule NB2800, update to firmware version 4.4.0.111 or later. For NetModule NB2810, update to firmware version 4.4.0.111 or later. For NetModule NB3700, update to firmware version 4.5.0.105 or later. For NetModule NB3701, update to firmware version 4.5.0.105 or later. For NetModule NB3710, update to firmware version 4.5.0.105 or later. For NetModule NB3711, update to firmware version 4.5.0.105 or later. For NetModule NB3720, update to firmware version 4.5.0.105 or later. For NetModule NB3800, update to firmware version 4.5.0.105 or later.