CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38902
https://notcve.org/view.php?id=CVE-2024-38902
24 Jun 2024 — H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. Se descubrió que H3C Magic R230 V100R002 contiene una vulnerabilidad de contraseña codificada en /etc/shadow, que permite a los atacantes iniciar sesión como root. • https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/H3C/Magic%20R230/hardcode/README.md • CWE-259: Use of Hard-coded Password •
CVSS: 9.7EPSS: 1%CPEs: 1EXPL: 0CVE-2024-38903
https://notcve.org/view.php?id=CVE-2024-38903
24 Jun 2024 — H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary commands. El udpserver del H3C Magic R230 V100R002 abre el puerto 9034, lo que permite a los atacantes ejecutar comandos arbitrarios. • https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/H3C/Magic%20R230/UDPserver_97F/README.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •