Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses root as the username and the password in the /etc/cmh/cmh.conf file which can be extracted by an attacker using a directory traversal attack, and then log in to the device with the highest privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vera Veralite 安全漏洞
Vulnerability Description
Vera Veralite 1.7.481版本中存在安全漏洞,该漏洞源于设备上存在一个OpenWRT界面并且使用‘root’作为用户名和密码。攻击者可利用该漏洞以最高权限登录到设备上。
CVSS Information
N/A
Vulnerability Type
N/A