CVE-2024-12013

HIGH Year: 2024
CVSS v3 Score
7.6
High
Weakness Type
CWE-1392
View all →

Vulnerability Description

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform changes over resources exposed by the service such as configuration files where password hashes are saved or where network settings are stored.

Related Vulnerabilities

CVE-2024-54015

HIGH
CVSS:7.5(High)

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP300) (All versions >= V8.80 < V9.90), SIPROTEC 5 6MD86 (CP300) (All versions >= V8.80 < V9.9...

CWE-13922024

CVE-2025-23012

HIGH
CVSS:7.5(High)

Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) with default credentials and privileges to read read local files by manipulating datastreams. Fedora Repository 3.8.1 was release...

CWE-13922025

CVE-2024-27158

HIGH
CVSS:7.4(High)

All the Toshiba printers share the same hardcoded root password. As for the affected products/models/versions, see the reference URL.

CWE-13922024

CVE-2024-30210

HIGH
CVSS:7.4(High)

IO-1020 Micro ELD uses a default WIFI password that could allow an adjacent attacker to connect to the device.

CWE-13922024

CVE-2024-31069

HIGH
CVSS:7.4(High)

IO-1020 Micro ELD web server uses a default password for authentication.

CWE-13922024

CVE-2024-6245

HIGH
CVSS:7.4(High)

Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 202...

CWE-13922024