CVE-2024-28744
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/04/2024
Last modified:
01/08/2024
Description
The password is empty in the initial configuration of ACERA 9010-08 firmware v02.04 and earlier, and ACERA 9010-24 firmware v02.04 and earlier. An unauthenticated attacker may log in to the product with no password, and obtain and/or alter information such as network configuration and user information. The products are affected only when running in non MS mode with the initial configuration.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH