CVE-2024-53937

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 2, 2024

Updated: Dec 3, 2024

CWE ID 863

Summary

CVE-2024-53937 is a newly disclosed vulnerability affecting the Victure RX1800 WiFi 6 Router. The issue lies in the default enabling of the TELNET service with hardcoded admin credentials, which are admin/admin. Attackers can exploit this vulnerability to execute arbitrary commands with root-level permissions over the Local Area Network. Disturbingly, the router does not require the TELNET password to be changed during setup, making it an enticing target for unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/04w9uX
https://www.cve.org/CVERecord?id=CVE-2024-53937
https://nvd.nist.gov/vuln/detail/CVE-2024-53937

Back to Vulnerability Database

CVE-2024-53937

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations