PT-2024-24993 · Levelone · Levelone Wbr-6012
Patrick Desantis
·
Published
2024-10-30
·
Updated
2024-11-13
·
CVE-2024-32946
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
LevelOne WBR-6012 router version R0.40e6
Description
A vulnerability in the LevelOne WBR-6012 router's firmware allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks.
Recommendations
For version R0.40e6, consider disabling Web and FTP services until a patch is available to prevent sensitive information from being transmitted in cleartext. Restrict access to the router's network to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Levelone Wbr-6012