CVE-2024-11630

CVSS V2 None CVSS V3 None

Description

A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and H900 up to 3.2 and classified as critical. This vulnerability affects unknown code of the component OEM Backend. The manipulation leads to hard-coded credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way.

Overview

CVE ID
CVE-2024-11630

Assigner
VulDB

Vulnerability Status
PUBLISHED

Published Version
2024-11-22T22:00:07.324Z

Last Modified Date
2024-11-22T22:00:07.324Z

Weakness Enumerations

CWE	URL
CWE-798	http://cwe.mitre.org/data/definitions/798.html
CWE-259	http://cwe.mitre.org/data/definitions/259.html

References

Reference URL	Reference Tags
https://vuldb.com/?id.285916	vdb-entry
https://vuldb.com/?ctiid.285916	signature permissions-required
https://vuldb.com/?submit.444738	third-party-advisory
https://github.com/I3eg1nner/iot-vuln/blob/main/E-lins/Hard-Coded%20Credential%20Vulnerability%20in%20E-Lins%20Routers.md	exploit

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-11630
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11630

History

Created	Old Value	New Value	Data Type	Notes
2024-11-23 14:04:53				Added to TrackCVE