Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default, without a password.
References
Link | Resource |
---|---|
https://github.com/nonamecoder/CVE-2023-22906 | Exploit Technical Description Third Party Advisory |
https://twitter.com/ayyappan162010/status/1610764707753000960 | Exploit Third Party Advisory |
https://github.com/nonamecoder/CVE-2023-22906 | Exploit Technical Description Third Party Advisory |
https://twitter.com/ayyappan162010/status/1610764707753000960 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 07:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/nonamecoder/CVE-2023-22906 - Exploit, Technical Description, Third Party Advisory | |
References | () https://twitter.com/ayyappan162010/status/1610764707753000960 - Exploit, Third Party Advisory |
Information
Published : 2023-07-04 00:15
Updated : 2024-11-21 07:45
NVD link : CVE-2023-22906
Mitre link : CVE-2023-22906
CVE.ORG link : CVE-2023-22906
JSON object : View
Products Affected
heroelectronix
- qubo_hcd01_firmware
- qubo_hcd02
- qubo_hcd02_firmware
- qubo_hcd01
CWE
CWE-306
Missing Authentication for Critical Function