CVE-2023-6198 : Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE

Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User Passwords modules) allows unauthorized access to the device.

Published 2024-06-25 01:34:57

Updated 2024-06-25 12:24:18

Source Baicells Technologies Co., Ltd.

View at NVD, CVE.org

Vulnerability category: Bypass

Products affected by CVE-2023-6198

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2023-6198

EPSS FAQ

0.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 40 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-6198

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.3	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L	N/A	N/A	Baicells Technologies Co., Ltd.	2024-06-25
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: High Availability: Low
9.3	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L	3.9	4.7	Baicells Technologies Co., Ltd.	2024-06-25
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: High Availability: Low

CWE ids for CVE-2023-6198

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.
Assigned by:
- 084566ad-deee-4e89-acff-6b7b1bf9d4b7 (Primary)
- security@baicells.com (Secondary)

References for CVE-2023-6198

https://www.baicells.com

Baicells

Jump to

Vulnerability Details : CVE-2023-6198

Products affected by CVE-2023-6198

Exploit prediction scoring system (EPSS) score for CVE-2023-6198

CVSS scores for CVE-2023-6198

CWE ids for CVE-2023-6198

References for CVE-2023-6198