Overview
- Description
- It appears that some hardcoded keys are used for authentication to internal API. Knowing these private keys may allow attackers to bypass authentication and reach administrative interfaces. As for the affected products/models/versions, see the reference URL.
- Source
- ecc0f906-8666-484c-bcf8-c3b7520a72f0
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.1
- Impact score
- 4
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
Weaknesses
- ecc0f906-8666-484c-bcf8-c3b7520a72f0
- CWE-798
Social media
- Hype score
- Not currently trending