Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hard Coded Credential Crypt Vulnerability
Vulnerability Description
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
访问控制不恰当
Vulnerability Title
多款Baicells Nova产品信任管理问题漏洞
Vulnerability Description
Baicells Nova 227是一款微型基站。Baicells Nova 233是一款微型基站。Baicells Nova 243是一款微型基站。 Baicells Nova 227、Nova 233 和 Nova 243 LTE TDD eNodeB 设备固件RTS/RTD 3.7.11.6之前版本存在信任管理问题漏洞,该漏洞源于设备固件具有硬编码凭据,这些凭据很容易被发现,远程攻击者利用该漏洞可以通过 ssh 进行身份验证。
CVSS Information
N/A
Vulnerability Type
N/A