Hardcoded Password Vulnerability in Ubiquiti U7-Pro Product
CVE-2024-54749
Currently unrated
What is CVE-2024-54749?
A hardcoded password vulnerability has been identified in Ubiquiti's U7-Pro version 7.0.35, residing in the /etc/shadow file. This flaw could potentially allow unauthorized access, enabling attackers to log in as root. While the supplier disputes the severity by suggesting that a password must be configured during installation, the presence of a default hardcoded password remains a significant security concern that could be exploited if not properly mitigated.