CVE-2021-39289
Certain NetModule devices have Insecure Password Handling (cleartext or reversible encryption), These models with firmware before 4.3.0.113, 4.4.0.111, and 4.5.0.105 are affected: NB800, NB1600, NB1601, NB1800, NB1810, NB2700, NB2710, NB2800, NB2810, NB3700, NB3701, NB3710, NB3711, NB3720, and NB3800.
-
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-
23/08/2021
Operating Systems 15
NB
NB800 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB1600 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB1601 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB1800 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB1810 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB2700 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB2710 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB2800 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB2810 Firmware
by Netmodule
7 Versions
2 years ago
NB
NB3700 Firmware
by Netmodule
7 Versions
2 years ago
Vulnerability Categories 2
Insufficiently Protected Credentials
Insecure Storage of Sensitive Information
Advisory Links 2
http://www.vicarius.io
is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the
Website is purely for informational, and educational purposes and should be independently
verified and confirmed. Vicarius does not accept any liability for any loss or damage
whatsoever caused in reliance upon such information or services. No statements or information
presented in any form by Vicarius is intended as fact, and you agree that you will not
consider the statements or information presented on the Website as fact or as a guarantee of
performance.
Related CVEs
Security Research Topics
By Paul Lighter
Jan 11, 2023
When the Target is Also the Threat
A software failure grounded thousands of flights today, raising a complicated question - how do you secure an unstable system? The answer has never been more urgent.
By Paul Lighter
Jan 06, 2023
The Uncomfortable Implications of the LastPass Attack
The recent attack on LastPass has people questioning if they can trust password managers. But there's a bigger issue lurking underneath - can you trust ANY security vendor?
By Paul Lighter
Nov 30, 2022
Online Casino Heist Shreds Confidence in Cybersecurity
Hackers recently swiped $300,000 from DraftKings accounts - and it was almost effortless. This attack will likely be forgotten by history. But it should be a wake-up call instead.
By Mohammad Hussam Alzeyyat
Nov 29, 2022
Ethernaut CTF - Vault Challenge
Here we are with the Vault challenge from Ethernaut CTF.
We are going to be introduced to the NON Privacy on-chain and how we should not store secrets and critical information into variables even if we set the type of those variables as private.
We will see how we can extract the values of those private variables.
By Mohammad Hussam Alzeyyat
Nov 18, 2022
DownUnderCTF 2022 Blockchain - Crypto Casino
In this blog, we are going to hack the casino contract of the DownUnderCTF 2022 challenges.
There is a PRNG function that we are going to exploit it using a python script.
Don't forget Hackers Gonna Hack!
Start Closing Security Gaps
- Risk reduction from Day 1
- Fast set-up and deployment
- Unified platform
- Full-featured 14-day trial