CVE-2023-35837

EPSS 0.13%
Veröffentlicht 23.01.2024 23:15:08
Zuletzt bearbeitet 16.06.2025 20:15:24
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. Authentication for web interface is completed via an unauthenticated WiFi AP. The administrative password for the web interface has a default password, equal to the registration ID of the device. This same registration ID is used as the WiFi SSID name. No routine is in place to force a change to this password on first use or bring its default state to the attention of the user. Once authenticated, an attacker can reconfigure the device or upload new firmware, both of which can lead to Denial of Service, code execution, or Escalation of Privileges.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Solax ≫ Pocket Wifi 3 Firmware Version >= 3.0.0 <= 3.009.03_20230504

Solax ≫ Pocket Wifi 3 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.335

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.solaxpower.com/downloads/

Not Applicable

https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/

Product

https://yougottahackthat.com/blog/

Third Party Advisory

https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-35837

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-35837

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-35837

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-35837