What is the severity of CVE-2024-28875?

CVE-2024-28875 is considered a high-severity vulnerability due to the potential for unauthorized access via hard-coded credentials.

How do I fix CVE-2024-28875?

Fixing CVE-2024-28875 involves updating the LevelOne WBR-6012 firmware to the latest version provided by the manufacturer.

What impact does CVE-2024-28875 have on LevelOne WBR-6012 security?

CVE-2024-28875 allows attackers to gain unauthorized access during the vulnerable period post-boot, posing serious security risks.

Can CVE-2024-28875 be exploited remotely?

Yes, CVE-2024-28875 can be exploited remotely if an attacker is aware of the hard-coded credentials.

What devices are affected by CVE-2024-28875?

The affected device for CVE-2024-28875 is the LevelOne WBR-6012 with firmware version r0.40e6.

Vulnerability/
CVE-2024-28875

high

8.1

CWE

798

30/10/2024

13/11/2024

CVE-2024-28875

First published: Wed Oct 30 2024(Updated: )

A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910 80100910 40 6d 21 74 ds "@m!t2K1" 32 4b 31 00 It is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below: if ((SECOND_FROM_BOOT_TIME < 300) && (is_equal = strcmp(password,"@m!t2K1")) { return 1;} Where 1 is the return value to admin-level access (0 being fail and 3 being user).

Credit: talos-cna@cisco.com

Affected Software	Affected Version	How to fix
All of
Level1 WBR-6012 Firmware	=r0.40e6
Level1 WBR-6012 Firmware

Never miss a vulnerability like this again

Reference Links

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1979

Frequently Asked Questions

What is the severity of CVE-2024-28875?
CVE-2024-28875 is considered a high-severity vulnerability due to the potential for unauthorized access via hard-coded credentials.
How do I fix CVE-2024-28875?
Fixing CVE-2024-28875 involves updating the LevelOne WBR-6012 firmware to the latest version provided by the manufacturer.
What impact does CVE-2024-28875 have on LevelOne WBR-6012 security?
CVE-2024-28875 allows attackers to gain unauthorized access during the vulnerable period post-boot, posing serious security risks.
Can CVE-2024-28875 be exploited remotely?
Yes, CVE-2024-28875 can be exploited remotely if an attacker is aware of the hard-coded credentials.
What devices are affected by CVE-2024-28875?
The affected device for CVE-2024-28875 is the LevelOne WBR-6012 with firmware version r0.40e6.

agent/references
agent/weakness
agent/description
agent/first-publish-date
agent/type
agent/severity
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/level1
canonical/level1 wbr-6012 firmware
version/level1 wbr-6012 firmware/r0.40e6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.