CVE-2024-7059

CVSS 3.1 Score 8 of 10 (high)

Details

Published Nov 5, 2024
Updated: Nov 9, 2024
CWE ID 470

Summary

CVE-2023-29114: A vulnerability in the web management application allows unauthorized access to system logs, potentially exposing sensitive information. This includes Wi-Fi access point credentials, APN web addresses and credentials, IPSEC credentials, web interface access credentials, JuiceBox system components details, C2G configuration details, internal IP addresses, and OTA firmware update configurations, all stored in logs in an unencrypted plaintext format. An attacker can gain access to this data, leading to potential security risks and unauthorized network access.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share