CVE-2023-2645

Name of the Vulnerable Software and Affected Versions USR USR-G806 version 1.0.41

Description A critical issue was found in the Web Management Page component, where the manipulation of the username/password argument with the input root leads to the use of a hard-coded password. This can be exploited remotely. The issue has been publicly disclosed and may be used for attacks. It is recommended to change the configuration settings.

Recommendations To resolve the issue, change the configuration settings for USR USR-G806 version 1.0.41. As a temporary workaround, consider restricting access to the Web Management Page until the issue is fully addressed. Avoid using the default root input for the username/password argument to minimize the risk of exploitation.