CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24693

Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.8

References

Products affected by CVE-2022-24693

Baicells » Neutrino 430 » Version: N/A

cpe:2.3:h:baicells:neutrino_430:-
Baicells » Nova436q » Version: N/A

cpe:2.3:h:baicells:nova436q:-
Baicells » Neutrino 430 Firmware » Version: N/A

cpe:2.3:o:baicells:neutrino_430_firmware:-
Baicells » Neutrino 430 Firmware » Version: qrtb_2.7.8

cpe:2.3:o:baicells:neutrino_430_firmware:qrtb_2.7.8
Baicells » Nova436q Firmware » Version: N/A

cpe:2.3:o:baicells:nova436q_firmware:-
Baicells » Nova436q Firmware » Version: qrtb_2.7.8

cpe:2.3:o:baicells:nova436q_firmware:qrtb_2.7.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24693

Products

Pricing

Contact Us