Main Vulnerability Database Vulnerabilities #VU99552

#VU99552 Unverified Password Change in WBR-6012 - CVE-2024-33699

Published: October 31, 2024

Vulnerability identifier: #VU99552

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green

CVE-ID: CVE-2024-33699

CWE-ID: CWE-620

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
WBR-6012

Software vendor:
LevelOne

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due weak authentication. A remote user can change the administrator password and gain higher privileges without the current password.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1984

#VU99552 Unverified Password Change in WBR-6012 - CVE-2024-33699

Description

Remediation

External links

Please verify you're human