CVE-2024-42638

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*
cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*

History

11 Sep 2024, 12:53

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
First Time H3c magic B1st Firmware
H3c magic B1st
H3c
CPE cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:*
cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:*
CWE CWE-798
References () https://palm-vertebra-fe9.notion.site/H3C-Magic-B1STV100R012-was-discovered-to-contain-a-hardcoded-2a648569ee7f4df8b570632d11032337?pvs=74 - () https://palm-vertebra-fe9.notion.site/H3C-Magic-B1STV100R012-was-discovered-to-contain-a-hardcoded-2a648569ee7f4df8b570632d11032337?pvs=74 - Exploit, Third Party Advisory
References () https://www.h3c.com/cn/d_201609/956059_30005_0.htm - () https://www.h3c.com/cn/d_201609/956059_30005_0.htm - Product

19 Aug 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) Se descubrió que H3C Magic B1ST v100R012 contiene una vulnerabilidad de contraseña codificada en /etc/shadow, que permite a los atacantes iniciar sesión como superusuario.

16 Aug 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-16 18:15

Updated : 2024-09-11 12:53


NVD link : CVE-2024-42638

Mitre link : CVE-2024-42638

CVE.ORG link : CVE-2024-42638


JSON object : View

Products Affected

h3c

  • magic_b1st_firmware
  • magic_b1st
CWE
CWE-798

Use of Hard-coded Credentials