CVE-2018-6312
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.
Una cuenta privilegiada con una contraseña débil por defecto en Foxconn femtocell FEMTO AP-FC4064-T, versión AP_GT_B38_5.8.3lb15-W47 LTE Build 15, puede emplearse para activar el servicio TELNET mediante la interfaz web. Esto permite el inicio de sesión como root sin contraseña. La vulnerabilidad conducirá al compromiso total del sistema y a la revelación de comunicaciones de usuario. Se puede emplear la cuenta de foxconn con una contraseña de 8 caracteres alfanuméricos en minúscula.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-25 CVE Reserved
- 2018-03-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-521: Weak Password Requirements
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://gist.github.com/DrmnSamoLiu/cd1d6fa59501f161616686296aa4a6c8 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Foxconn Search vendor "Foxconn" | Ap-fc4064-t Firmware Search vendor "Foxconn" for product "Ap-fc4064-t Firmware" | ap_gt_b38_5.8.3lb15-w47_lte Search vendor "Foxconn" for product "Ap-fc4064-t Firmware" and version "ap_gt_b38_5.8.3lb15-w47_lte" | - |
Affected
| in | Foxconn Search vendor "Foxconn" | Ap-fc4064-t Search vendor "Foxconn" for product "Ap-fc4064-t" | - | - |
Safe
|