Hardcoded Password Vulnerability Discovered in Ubiquiti U6-LR 6.6.65
CVE-2024-54750

Currently unrated

Key Information:

Vendor: Ubiquiti
Vendor: CVE Published:; 6 December 2024

What is CVE-2024-54750?

Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. NOTE: In Ubiquiti's view there is no vulnerability as the Hardcoded Password should be after setup not before.

References

https://colorful-meadow-5b9.notion.site/U6-LR_HardCode_vu...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 6, 2024