CVE-2024-1039
Published: 2024-02-01
Priority: P2 · 61 · Critical 9.8 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.72% (49.2nd percentile)
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gessler_gmbh | web-master | — | — |
| gesslergmbh | web-master_firmware | — | — |
Detection & IOCs (extracted from sources)
- Gessler GmbH WEB-MASTER version 7.9 contains a hard-coded restoration account with weak credentials; detect unauthorized web management access attempts against WEB-MASTER devices running this version.
- WEB-MASTER stores user account passwords using a weak hashing algorithm; monitor for credential extraction activity or offline hash-cracking attempts following device access.
- CVE-2024-1039 is remotely exploitable with no authentication required (AV:N/AC:L/PR:N/UI:N); alert on unauthenticated logins to WEB-MASTER web management interfaces, especially using restoration/default accounts.
- Affected product is WEB-MASTER version 7.9 specifically; the hard-coded restoration account is a built-in feature of this firmware version and cannot be removed without a vendor-supplied update.
- Remediation requires vendor technician involvement; organizations cannot self-apply the patch (EZ2 ≥ 3.2, WebMaster ≥ 4.4).
CVSS provenance
- NVD: v3.1 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
- vendor_redhat: 5.5 MEDIUM
GHSA
GHSA-47gj-j96m-3hhg · ghsa_unreviewed · 2024-02-02 · CVE-2024-1039 [CRITICAL] · CWE-1391
CISA ICS
cisa_ics · 2025-08-07 · CVSS 9.8 [CRITICAL]
ICS Advisory
## Gessler GmbH WEB-MASTER
Last Revised: August 07, 2025
Alert Code: ICSA-24-032-01
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable Remotely/Low attack complexity
- Vendor: Gessler GmbH
- Equipment: WEB-MASTER
- Vulnerabilities: Use of Hard-coded Credentials, Use of a Broken or Risky Cryptographic Algorithm
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow a user to take control of the web management of the device. An attacker with access to the device could also extract and break the password hashes for all users stored on the device.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following ve
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.