CVE-2024-12013

Name of the Vulnerable Software and Affected Versions Zettler - 130.8005 version 12h

Description A CWE-1392 issue was discovered, affecting the device's FTP server, which uses default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform changes to resources exposed by the service, such as configuration files where password hashes are saved or where network settings are stored.

Recommendations For version 12h, change the default admin credentials of the FTP server to strong, unique credentials to prevent unauthorized access. As a temporary workaround, consider disabling the FTP server until secure credentials are implemented. Restrict access to the FTP server to minimize the risk of exploitation. Avoid using default or easy-to-guess credentials for the admin account.