CVE-2024-42637

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions H3C R3010 version v100R002L02

Description A hardcoded password vulnerability was discovered in /etc/shadow, allowing attackers to log in as root. This issue affects the H3C R3010 device, potentially allowing unauthorized access.

Recommendations For H3C R3010 version v100R002L02, consider changing the hardcoded password in /etc/shadow to a unique and secure password to prevent unauthorized access. As a temporary workaround, restrict root login access until a patch is available.

Exploit

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2024-42637

Affected Products

H3C R3010

CVE-2024-42637

Weakness Enumeration

Related Identifiers

Affected Products

References · 8