admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-120xx/CVE-2024-12013.json
cad-safe-bot 03e4a37847 Auto-Update: 2025-02-16T03:00:21.640882+00:00
2025-02-16 03:03:51 +00:00

60 lines
2.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-12013",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2025-02-13T16:15:44.050",
"lastModified": "2025-02-13T16:15:44.050",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A CWE-1392 \u201cUse of Default Credentials\u201d was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform changes over resources exposed by the service such as configuration files where password hashes are saved or where network settings are stored."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un error CWE-1392 \u201cUso de credenciales predeterminadas\u201d que afectaba al gateway TCP/IP 130.8005 con la versi\u00f3n de firmware 12h. El dispositivo expone un servidor FTP con credenciales de administrador predeterminadas y f\u00e1ciles de adivinar. Un atacante remoto capaz de interactuar con el servidor FTP podr\u00eda obtener acceso y realizar cambios en los recursos expuestos por el servicio, como los archivos de configuraci\u00f3n donde se guardan los hashes de contrase\u00f1as o donde se almacenan las configuraciones de red."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-12013",
"source": "prodsec@nozominetworks.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink