CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21865
https://notcve.org/view.php?id=CVE-2024-21865
25 Mar 2024 — HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect to the product via SSH and use a shell. HGW BL1500HM Ver 002.001.013 y anteriores contienen un problema de uso de credenciales semanales. Un atacante no autenticado adyacente a la red puede conectarse al producto a través de SSH y utilizar un shell. • https://jvn.jp/en/vu/JVNVU93546510 • CWE-521: Weak Password Requirements CWE-1391: Use of Weak Credentials •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29071
https://notcve.org/view.php?id=CVE-2024-29071
25 Mar 2024 — HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may change the system settings. HGW BL1500HM Ver 002.001.013 y anteriores contienen un problema de uso de credenciales semanales. Un atacante no autenticado adyacente a la red puede cambiar la configuración del sistema. • https://jvn.jp/en/vu/JVNVU93546510 • CWE-522: Insufficiently Protected Credentials CWE-1391: Use of Weak Credentials •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2024-28041
https://notcve.org/view.php?id=CVE-2024-28041
25 Mar 2024 — HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary command. HGW BL1500HM Ver 002.001.013 y anteriores permiten que un atacante no autenticado adyacente a la red ejecute un comando arbitrario. • https://jvn.jp/en/vu/JVNVU93546510 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •