Vulnerability Details : CVE-2023-35837
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. Authentication to the web interface takes place over an open (unauthenticated) WiFi access point. The administrative account of the web interface ships with a default password equal to the device's registration ID, and that same registration ID is used as the WiFi SSID, so the default credential is broadcast to anyone in radio range. No routine forces a password change on first use or brings the default state to the user's attention. Once authenticated, an attacker can reconfigure the device or upload new firmware, either of which can lead to denial of service, code execution, or escalation of privileges.
Vulnerability category: Denial of service
Products affected by CVE-2023-35837
- Solax » Pocket WiFi 3 Firmware: versions from 3.0.0 (inclusive) up to and including 3.009.03_20230504
  CPE: cpe:2.3:o:solax:pocket_wifi_3_firmware:*:*:*:*:*:*:*:*

Note that the description above says "through 3.001.02" while the affected-configuration range extends to 3.009.03_20230504; check the vendor firmware-upgrade page listed under References before treating any particular build as fixed.
Exploit prediction scoring system (EPSS) score for CVE-2023-35837
- EPSS score: 0.15% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~52% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2023-35837
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 2024-01-31 |
References for CVE-2023-35837
- https://yougottahackthat.com/blog/ (You Gotta Hack That | Penetration Testing Consultancy; Third Party Advisory)
- https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/ (News - SolaX Power; Product)
- https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication (You Gotta Hack That | Penetration Testing Consultancy; Third Party Advisory)
- https://www.solaxpower.com/downloads/ (Downloads - SolaX Power; Not Applicable)