{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-28875","assignerOrgId":"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b","state":"PUBLISHED","assignerShortName":"talos","dateReserved":"2024-04-26T18:28:06.337Z","datePublished":"2024-10-30T13:35:19.982Z","dateUpdated":"2025-11-03T21:54:34.037Z"},"containers":{"cna":{"affected":[{"vendor":"LevelOne","product":"WBR-6012","versions":[{"version":"R0.40e6","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910\r\n\r\n    80100910 40 6d 21 74        ds         \"@m!t2K1\"\r\n             32 4b 31 00\r\n             \r\nIt is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below:\r\n\r\n    if ((SECOND_FROM_BOOT_TIME < 300) &&\r\n        (is_equal = strcmp(password,\"@m!t2K1\")) {\r\n            return 1;}\r\n            \r\nWhere 1 is the return value to admin-level access (0 being fail and 3 being user)."}],"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-798: Use of Hard-coded Credentials","type":"CWE","cweId":"CWE-798"}]}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"providerMetadata":{"orgId":"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b","shortName":"talos","dateUpdated":"2024-10-30T13:35:19.982Z"},"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1979","name":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1979"}],"credits":[{"lang":"en","value":"Discovered by Francesco Benvenuto and Patrick DeSantis of Cisco Talos."}]},"adp":[{"affected":[{"vendor":"levelone","product":"wbr-6012","cpes":["cpe:2.3:h:levelone:wbr-6012:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"R0.40e6","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-30T14:04:05.633267Z","id":"CVE-2024-28875","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-30T14:05:54.587Z"}},{"title":"CVE Program Container","references":[{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1979"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:54:34.037Z"}}]}}