Vulnerability Details CVE-2024-8449
Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to connect to the device via the serial console and use this credential to reset any user's password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.9%
CVSS Severity
CVSS v3 Score 6.8
References
Products affected by CVE-2024-8449
-
cpe:2.3:h:planet:gs-4210-24p2s:3.0
-
cpe:2.3:h:planet:gs-4210-24pl4c:2.0
-
cpe:2.3:o:planet:gs-4210-24p2s_firmware:*
-
cpe:2.3:o:planet:gs-4210-24pl4c_firmware:*