PT-2023-8987 · Akuvox · Akuvox E11
Published 2023-03-13 · Updated 2023-03-16 · CVE-2023-0345
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Akuvox E11 (affected versions not specified)
Description
The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed as the root user with a password that the user cannot change. The weakness is the use of pre-installed credentials. Exploitation of this issue may allow a remote attacker to elevate their privileges to the root level.
Recommendations
For Akuvox E11, consider disabling the SSH server until a configuration change or update is available to secure the default credentials.
As a temporary workaround, restrict access to the device to minimize the risk of exploitation.
Fix
Using Hardcoded Credentials
Weakness Enumeration
Related Identifiers
Affected Products
Akuvox E11