9

CVE-2018-6312

EPSS 0.29%
Veröffentlicht 10.03.2018 22:29:00
Zuletzt bearbeitet 21.11.2024 04:10:27
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Foxconn ≫ Ap-fc4064-t Firmware Versionap_gt_b38_5.8.3lb15-w47_lte

Foxconn ≫ Ap-fc4064-t Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.523

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-521 Weak Password Requirements

The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.

https://gist.github.com/DrmnSamoLiu/cd1d6fa59501f161616686296aa4a6c8

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-6312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-6312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-6312

EUVD