Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 21 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:elecom:wab-i1750-ps_firmware:*:*:*:*:*:*:*:*

Tue, 03 Sep 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Elecom wab-i1750-ps
CPEs cpe:2.3:h:elecom:wab-i1750-ps:-:*:*:*:*:*:*:*
cpe:2.3:o:elecom:wab-i1750-ps_firmware:*:*:*:*:*:*:*:*
Vendors & Products Elecom wab-i1750-ps

Fri, 30 Aug 2024 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Elecom
Elecom wab-i1750-ps Firmware
Weaknesses CWE-306
CPEs cpe:2.3:a:elecom:wab-i1750-ps_firmware:*:*:*:*:*:*:*:*
Vendors & Products Elecom
Elecom wab-i1750-ps Firmware
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 30 Aug 2024 06:45:00 +0000

Type Values Removed Values Added
Description Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published:

Updated: 2024-10-21T13:46:23.712Z

Reserved: 2024-08-16T04:42:10.038Z

Link: CVE-2024-39300

cve-icon Vulnrichment

Updated: 2024-08-30T14:31:45.946Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-30T07:15:11.837

Modified: 2024-09-03T14:57:54.137

Link: CVE-2024-39300

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.