CVE-2024-8878

Summary

The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05.

Affected Software

VendorProductVersion RangeStatus
RielloNetman 2040 <= 4.05affected

Weaknesses

  • CWE-640: CWE-640 Weak Password Recovery Mechanism for Forgotten Password

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

CVE Program Container

Additional References

References