Baicells Neutrino 430 Firmware vulnerabilities
2 known vulnerabilities affecting baicells/neutrino_430_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2023-0776P2CRITICALCVSS 10.0≤ qrtb_2.12.72023-02-11
CVE-2023-0776 [CRITICAL] CWE-79 CVE-2023-0776: Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware thro
Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party
nvd
CVE-2022-24693P2CRITICALCVSS 9.8≤ qrtb_2.7.82022-03-30
CVE-2022-24693 [CRITICAL] CWE-798 CVE-2022-24693: Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentia
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.)
nvd