CVE-2023-30603
Hitron Technologies Inc. CODA-5310 - Using default credentials
In short
The Hitron CODA-5310 modem comes with default username and password for Telnet access that cannot be easily changed, allowing anyone on the network to gain full administrator control without authentication.
Technical detail
The CODA-5310 exposes an unauthenticated Telnet interface with hardcoded default credentials (CWE-1392: Use of Hard-coded Credentials). Remote attackers can connect via Telnet, authenticate with default account details, and obtain administrative privileges to execute arbitrary commands or disable the device. No forced credential change mechanism exists, leaving the system persistently vulnerable.
Summary generated and translated by AI from the official description.
Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. An unauthenticated remote attackers can exploit this vulnerability to obtain the administrator’s privilege, resulting in performing arbitrary system operation or disrupt service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Hitron Technologies Inc. · Hitron CODA-5310Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →