CVE-2024-52788
CVSS 3.1 Score 8.0 of 10 (high)
Details
Summary
CVE-2024-52788 is a newly disclosed vulnerability affecting Tenda W9 v1.0.0.7(4456). This issue involves a hardcoded password in the /etc_ro/shadow file, which provides attackers with the ability to log in as the root user. The hardcoded password goes undetected due to its fixed nature, making it an easier target for unauthorized access. Attackers who exploit this vulnerability can gain complete control over the affected device, leading to potential data theft, unauthorized modifications, or even a launchpad for further attacks on the network. Users of Tenda W9 v1.0.0.7(4456) are advised to update their devices as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- W - 9