Hard-coded Password Vulnerability in Telnetd Functionality
CVE-2023-46685

9.8CRITICAL

Key Information:

Vendor: Levelone
Status: Wbr-6013
Vendor: CVE Published:; 8 July 2024

What is CVE-2023-46685?

A vulnerability exists in the telnetd functionality of LevelOne WBR-6013, where a hard-coded password can be exploited. This weakness allows attackers to send specially crafted network packets that could lead to arbitrary command execution, putting affected systems at significant risk.

Affected Version(s)

WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2024
Vulnerability Reserved
Nov 30, 2023

Credit

Discovered by Francesco Benvenuto of Cisco Talos.

Levelone

What is CVE-2023-46685?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit