PT-2024-28426 · Unknown · Wab-I1750-Ps
Sasabe Tetsuro
·
Published
2024-08-29
·
Updated
2024-09-03
·
CVE-2024-39300
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WAB-I1750-PS versions 1.5.10 and earlier
Description
A missing authentication vulnerability exists in the Telnet function of the product. When the Telnet function is enabled, a remote attacker may login to the product without authentication and alter the product's settings. This allows attackers to fully compromise devices. As a mitigation measure, applying restrictive firewall rules can help minimize the risk of exploitation.
Recommendations
For WAB-I1750-PS versions 1.5.10 and earlier, urgently apply restrictive firewall rules to mitigate the risk until a patch is available. Consider disabling the Telnet function as a temporary workaround until the issue is resolved.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wab-I1750-Ps