Chunghwa Telecom NOKIA G-040W-Q - Weak Password Requirements
CVE-2023-41353

8.8HIGH

Key Information:

Vendor: Chunghwa Telecom
Status: Nokia G-040w-q
Vendor: CVE Published:; 3 November 2023

🔔 Create Chunghwa Telecom Vulnerability Alert

What is CVE-2023-41353?

The NOKIA G-040W-Q device from Chunghwa Telecom is susceptible to exploitation due to inadequate password strength requirements. A remote attacker with standard user access can exploit system information to derive the administrator password, granting them unauthorized control over the system. Consequently, attackers can execute arbitrary operations or disrupt service, posing significant risks to the integrity and availability of the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NOKIA G-040W-Q G040WQR201207

References

https://www.twcert.org.tw/tw/cp-132-7503-a27ed-1.html

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 3, 2023
Vulnerability Reserved
Aug 29, 2023

JSON