CVE-2023-41920

Critical

The vulnerability allows attackers access to the root account without having to authenticate. Specifically, if the device is configured…

NCSC-NL·CWE-305·Published 2024-07-02

CVSS

9.8

EPSS

0.00

KEV

Exploits

cve.orgen

213 chars

The vulnerability allows attackers access to the root account without having to authenticate. Specifically, if the device is configured with the IP address of 10.10.10.10, the root user is automatically logged in.

NVDen

213 chars

NVDes

226 chars

La vulnerabilidad permite a los atacantes acceder a la cuenta raíz sin tener que autenticarse. Específicamente, si el dispositivo está configurado con la dirección IP 10.10.10.10, el usuario root inicia sesión automáticamente.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H