CVE-2024-1039
published 2024-02-01


Priority: P2, 61
CVSS 3.1: 9.8 critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.72% (49.2th percentile)
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device.

Affected (2 ranges)

Vendor          Product
gessler_gmbh    web-master
gesslergmbh     web-master_firmware

Version range and fixed-in version are not given on the page for either entry.

Detection & IOCs (extracted from sources)

  • Gessler GmbH WEB-MASTER version 7.9 contains a hard-coded restoration account with weak credentials; detect unauthorized web management access attempts against WEB-MASTER devices running this version
  • WEB-MASTER stores user account passwords using a weak hashing algorithm; monitor for credential extraction activity or offline hash-cracking attempts following device access
  • CVE-2024-1039 is remotely exploitable with no authentication required (AV:N/AC:L/PR:N/UI:N); alert on unauthenticated logins to WEB-MASTER web management interfaces, especially using restoration/default accounts
  • Affected product is WEB-MASTER version 7.9 specifically; the hard-coded restoration account is a built-in feature of this firmware version and cannot be removed without a vendor-supplied update
  • Remediation requires vendor technician involvement; organizations cannot self-apply the patch (EZ2 ≥ 3.2, WebMaster ≥ 4.4)

CVSS provenance

  • nvd: v3.1, 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • vendor_redhat: 5.5 MEDIUM