Vulnerability Details CVE-2024-23726
Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and the last six of the BSSID, decrementing the last digit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.2%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-23726
-
cpe:2.3:h:ubeeinteractive:ddw365:-
-
cpe:2.3:o:ubeeinteractive:ddw365_firmware:-