CVE-2024-39838

Summary

ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the device.

Affected Software

VendorProductVersion RangeStatus
ZEXELON CO., LTD.ZWX-2000CSW2-HNfirmware versions prior to Ver.0.3.15affected

Weaknesses

  • Use of Hard-coded Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References