CVE-2023-51740

Name of the Vulnerable Software and Affected Versions Skyworth Router CM5100 version 4.1.1.24

Description This issue exists due to the transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this by eavesdropping on the victim’s network traffic to extract the username and password from the web interface (Login Page) of the targeted system.

Recommendations For Skyworth Router CM5100 version 4.1.1.24, consider disabling the login functionality over the network until a patch is available to prevent the transmission of credentials in plaintext. Restrict access to the web interface to minimize the risk of exploitation. Avoid using the vulnerable login page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.