CVE-2024-28875

Name of the Vulnerable Software and Affected Versions LevelOne WBR-6012 (affected versions not specified)

Description A security issue exists due to hard-coded credentials in the web services of the affected device. This allows attackers to gain unauthorized access within the first 30 seconds after the device boots. Other vulnerabilities can force the device to reboot, removing the initial time restriction for exploitation. The hard-coded credentials are referenced by a function and used for authentication, as shown in pseudocode. If the password matches the hard-coded string @m!t2K1 within the specified time frame, it returns a value granting admin-level access.

Recommendations For LevelOne WBR-6012, as a temporary workaround, consider disabling the web services until a patch is available. Restrict access to the device during the first 30 seconds after boot to minimize the risk of exploitation. Avoid using the default password, and change it as soon as possible after booting the device. At the moment, there is no information about a newer version that contains a fix for this vulnerability.