Hidden SSH Service with Hardcoded Credentials Allows Access to Appliance Operating System
CVE-2024-28812

Currently unrated

Key Information:

Vendor: Infinera
Status: Hit 7300 Firmware
Vendor: CVE Published:; 30 September 2024

What is CVE-2024-28812?

A significant security flaw has been identified within the Infinera hiT 7300 model 5.60.50. This vulnerability stems from a concealed SSH service present in the local management network interface. Attackers can exploit this issue by leveraging hardcoded credentials, which grants them the capability to access the appliance's operating system with elevated privileges via SSH. This can lead to unauthorized control over the device, posing serious risks to network integrity and operational security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-28812

Timeline

Vulnerability published
Sep 30, 2024

JSON

Infinera

What is CVE-2024-28812?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.