CVE-2024-28875
published 2024-10-30CVE-2024-28875: A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds…
PriorityP350high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
EPSS
0.69%
48.1th percentile
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910
80100910 40 6d 21 74 ds "@m!t2K1"
32 4b 31 00
It is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below:
if ((SECOND_FROM_BOOT_TIME < 300) &&
(is_equal = strcmp(password,"@m!t2K1")) {
return 1;}
Where 1 is the return value to admin-level access (0 being fail and 3 being user).
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| level1 | wbr-6012_firmware | — | — |
| levelone | wbr-6012 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities
blogs_talos·2024-10-31·CVSS 7.8
[HIGH] NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities
## NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org , and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website .
NVIDIA Graphics remote out-of-bounds execution vulnerabilities
Discovered by Piotr Bania.
NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between the operating system and the GPU device. This software is required in most
Talos
NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities
blogs_talos·2024-10-31·CVSS 7.8
[HIGH] NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
NVIDIA Graphics remote out-of-bounds execution vulnerabilities
Discovered by Piotr Bania.
NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between the operating system and the GPU device. This software is required in most cases for the hardware device to function properly.
Talos discovered multip
2024-10-30
Published