Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Use of a hard-coded AES-256-CBC key in the configuration backup/restore implementation of Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to decrypt, modify, and re-encrypt device configurations, enabling credential manipulation and privilege escalation via the GUI import/export functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sercomm SCE4255W 安全漏洞
Vulnerability Description
Sercomm SCE4255W是中国台湾中磊(Sercomm)公司的一款宽带网关设备。 Sercomm SCE4255W DG3934v3@2308041842之前版本存在安全漏洞,该漏洞源于配置备份/恢复实现中使用硬编码AES-256-CBC密钥,可能导致凭据操纵和权限提升。
CVSS Information
N/A
Vulnerability Type
N/A