Products
Firewalla Box Software
- before 1.979
Source
disclosure@vulncheck.com
Tags
CVE-2024-40892 details
Last Modified : Aug. 12, 2024, 7:15 p.m.
Description
A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely).
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7.1 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-1391 | Use of Weak Credentials | The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker. |
CVSS Data
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.1
Exploitability Score
1.2
Impact Score
5.9
Base Severity
HIGH
Vector String : CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
References
URL | Source |
---|---|
https://vulncheck.com/advisories/firewalla-bt-weak-credentials | disclosure@vulncheck.com |