H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
References
Link | Resource |
---|---|
https://palm-vertebra-fe9.notion.site/H3C-Magic-B1STV100R012-was-discovered-to-contain-a-hardcoded-2a648569ee7f4df8b570632d11032337?pvs=74 | Exploit Third Party Advisory |
https://www.h3c.com/cn/d_201609/956059_30005_0.htm | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
11 Sep 2024, 12:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
First Time |
H3c magic B1st Firmware
H3c magic B1st H3c |
|
CPE | cpe:2.3:o:h3c:magic_b1st_firmware:100r012:*:*:*:*:*:*:* cpe:2.3:h:h3c:magic_b1st:-:*:*:*:*:*:*:* |
|
CWE | CWE-798 | |
References | () https://palm-vertebra-fe9.notion.site/H3C-Magic-B1STV100R012-was-discovered-to-contain-a-hardcoded-2a648569ee7f4df8b570632d11032337?pvs=74 - Exploit, Third Party Advisory | |
References | () https://www.h3c.com/cn/d_201609/956059_30005_0.htm - Product |
19 Aug 2024, 13:00
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Aug 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-16 18:15
Updated : 2024-09-11 12:53
NVD link : CVE-2024-42638
Mitre link : CVE-2024-42638
CVE.ORG link : CVE-2024-42638
JSON object : View
Products Affected
h3c
- magic_b1st_firmware
- magic_b1st
CWE
CWE-798
Use of Hard-coded Credentials