COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-39808

CVE-2023-39808

Severity
critical
Source
NVD · cve
Published
2023-08-21
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-39808
shame 35/100

N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password that allows attackers to login with root privileges via the SSH service. The cleartext password corresponding to the $1$4Tmm01jl$7HRvcW.bz7uGmX9hiQWvR hash was not determined by the vulnerab

Players implicated

nvki · vendorintelligent broadband subscriber gateway · product

Description

N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password that allows attackers to login with root privileges via the SSH service. The cleartext password corresponding to the $1$4Tmm01jl$7HRvcW.bz7uGmX9hiQWvR hash was not determined by the vulnerability discoverer.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.