Telnet Authentication Vulnerability Allows Remote Access Without Auth
CVE-2024-39300

3.7LOW

Key Information:

Vendor: Elecom Co.,ltd.
Status: Wab-i1750-ps
Vendor: CVE Published:; 30 August 2024

Summary

Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings.

Affected Version(s)

WAB-I1750-PS v1.5.10 and earlier

References

https://www.elecom.co.jp/news/security/20240827-01/

https://jvn.jp/en/jp/JVN24885537/

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 30, 2024
Vulnerability Reserved
Aug 16, 2024