CVE-2024-28809

Name of the Vulnerable Software and Affected Versions Infinera hiT 7300 version 5.60.50

Description An issue was discovered in the Infinera hiT 7300, where cleartext storage of sensitive passwords in firmware update packages allows attackers to access various appliance services via hardcoded credentials.

Recommendations For Infinera hiT 7300 version 5.60.50, consider changing the hardcoded credentials and storing passwords securely to prevent unauthorized access. As a temporary workaround, restrict access to the firmware update packages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.