CVE-2023-41030
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-41030 is a vulnerability affecting Juplink RX4-1500 versions V1.0.2 through V1.0.5. This issue arises due to hard-coded credentials in the system. An attacker can exploit this vulnerability to gain unauthorized access to the web interface or telnet service by using the pre-defined 'user' username without requiring any authentication. This weakness poses a significant risk, as unauthenticated access can lead to potential data breaches, unauthorized modifications, or system takeover. It is strongly recommended that affected users update their Juplink RX4-1500 devices to the latest software version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions