PT-2024-12514 · Solax · Solax Pocket Wifi

Published: 2024-01-23 · Updated: 2024-01-31 · CVE-2023-35837

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SolaX Pocket WiFi versions 3 through 3.001.02

Description: Authentication to the web interface is completed over an unauthenticated WiFi access point. The administrative password for the web interface has a default value equal to the registration ID of the device, which is also used as the WiFi SSID. No routine forces a change of this password on first use or brings its default state to the user's attention. Once authenticated, an attacker can reconfigure the device or upload new firmware, leading to potential denial of service, code execution, or escalation of privileges.

Recommendations: For SolaX Pocket WiFi versions 3 through 3.001.02, change the default administrative password to a unique, strong password to prevent unauthorized access. As a temporary workaround, restrict access to the web interface until a patch is available. Do not use the default registration ID as the WiFi SSID or as the administrative password.
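A defender-side inventory audit for the pattern this advisory describes, added here as an example (not code from the advisory or from SolaX): it flags devices whose administrative password still equals the registration ID or the broadcast SSID, and whose firmware falls in the stated range. The record fields, the numeric reading of "versions 3 through 3.001.02", and the sample identifiers are assumptions constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class DeviceRecord:
    """One inventory row; the field names are assumptions for this example."""
    name: str
    registration_id: str
    wifi_ssid: str
    admin_password: str
    firmware: str


def parse_version(text: str) -> tuple[int, ...]:
    """'3.001.02' -> (3, 1, 2); assumes dotted numeric versions as in the advisory."""
    return tuple(int(part) for part in text.split("."))


# Affected range taken from the advisory text, compared as numeric tuples (assumption).
AFFECTED_LOW, AFFECTED_HIGH = parse_version("3"), parse_version("3.001.02")


def is_version_affected(version: str) -> bool:
    return AFFECTED_LOW <= parse_version(version) <= AFFECTED_HIGH


def audit_device(rec: DeviceRecord) -> list[str]:
    """Return the weaknesses from the advisory that this record still exhibits."""
    findings = []
    if rec.admin_password == rec.registration_id:
        findings.append("admin password is the factory default (registration ID)")
    if rec.admin_password == rec.wifi_ssid:
        findings.append("admin password is broadcast as the WiFi SSID")
    if rec.wifi_ssid == rec.registration_id:
        findings.append("SSID discloses the registration ID")
    if is_version_affected(rec.firmware):
        findings.append(f"firmware {rec.firmware} is in the affected range")
    return findings


def audit_inventory(records: list[DeviceRecord]) -> dict[str, list[str]]:
    """Map device name -> findings, keeping only devices with at least one finding."""
    return {r.name: f for r in records if (f := audit_device(r))}


# Constructed sample inventory: identifiers and the 4.0 firmware are placeholders, not real data.
SAMPLE_INVENTORY = [
    DeviceRecord("inverter-a", "SW-PLACEHOLDER-01", "SW-PLACEHOLDER-01", "SW-PLACEHOLDER-01", "3.001.02"),
    DeviceRecord("inverter-b", "SW-PLACEHOLDER-02", "Site-Solar-2", "Xq7!mv2Lp#9tRz", "4.0"),
    DeviceRecord("inverter-c", "SW-PLACEHOLDER-03", "SW-PLACEHOLDER-03", "Xq7!mv2Lp#9tRz", "3.001.02"),
]

if __name__ == "__main__":
    for name, findings in audit_inventory(SAMPLE_INVENTORY).items():
        print(name, "->", "; ".join(findings))
```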

Fix

Related Identifiers

CVE-2023-35837

Affected Products

Solax Pocket Wifi