CVE-2016-2310
Published 2016-06-09
Priority P263, critical, 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 3.22% (86.6th percentile)
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ge | multilink_firmware | <= 5.5.0 | — |
| ge | multilink_firmware | <= 5.5.0k | — |
Detection & IOCs
- Monitor for unexpected configuration changes on GE ML800, ML810, ML1200, ML1600, ML2400, ML3000, and ML3100 switches via the web interface, especially from unauthenticated or low-privilege remote sources. The CVSS v3 score is 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
- No known public exploits specifically target this vulnerability at time of advisory publication, and the actual hardcoded credential value is not disclosed in any source.
- Exploitation requires only low skill and no authentication, making network-level blocking of web interface access to these devices a critical compensating control.
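CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |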
GHSA
GHSA-2r4p-gw5x-3p8w
ghsa_unreviewed · 2022-05-13
CVE-2016-2310 [CRITICAL] CWE-798
CISA ICS
GE MultiLink Series Hard-coded Credential Vulnerability
cisa_ics · 2018-08-23
ICS Advisory
Last Revised: August 23, 2018
Alert Code: ICSA-16-154-01
## OVERVIEW
GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability.
This vulnerability could be exploited remotely.
## AFFECTED PRODUCTS
The following MultiLink products are affected:
- GE ML800 Switch, firmware versions prior to Version 5.5.0,
- GE ML810 Switch, firmware versions prior to Version 5.5.0k,
- GE ML1200 Switch, firmware versions prior to Ver
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2016-06-09