Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-41027

Summary
Assigner-XI
Assigner Org ID-902ff664-2e36-43e3-a1aa-3210c82d1b67
Published At-22 Sep, 2023 | 16:06
Updated At-24 Sep, 2024 | 18:06
Rejected At-
Credits

Juplink RX4-1500 Credential Disclosure Vulnerability

Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:XI
Assigner Org ID:902ff664-2e36-43e3-a1aa-3210c82d1b67
Published At:22 Sep, 2023 | 16:06
Updated At:24 Sep, 2024 | 18:06
Rejected At:
▼CVE Numbering Authority (CNA)
Juplink RX4-1500 Credential Disclosure Vulnerability

Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint.

Affected Products
Vendor
Juplink
Product
RX4-1500
Default Status
unknown
Versions
Affected
  • V1.0.5
  • V1.0.4
Problem Types
TypeCWE IDDescription
CWECWE-210CWE-210 Insertion of Sensitive Information Into Sent Data
Type: CWE
CWE ID: CWE-210
Description: CWE-210 Insertion of Sensitive Information Into Sent Data
Metrics
VersionBase scoreBase severityVector
3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.07.7N/A
AV:A/AC:L/Au:S/C:C/I:C/A:C
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 2.0
Base score: 7.7
Base severity: N/A
Vector:
AV:A/AC:L/Au:S/C:C/I:C/A:C
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-115CAPEC-115 Authentication Bypass
CAPEC ID: CAPEC-115
Description: CAPEC-115 Authentication Bypass
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Exodus Intelligence
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-credential-disclosure-vulnerability/
third-party-advisory
Hyperlink: https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-credential-disclosure-vulnerability/
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-credential-disclosure-vulnerability/
third-party-advisory
x_transferred
Hyperlink: https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-credential-disclosure-vulnerability/
Resource:
third-party-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
juplink
Product
rx4-1500
CPEs
  • cpe:2.3:h:juplink:rx4-1500:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From v.1.0.4 through v1.0.5 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosures@exodusintel.com
Published At:22 Sep, 2023 | 17:15
Updated At:26 Sep, 2023 | 14:28

Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.0HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary2.07.7HIGH
AV:A/AC:L/Au:S/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 2.0
Base score: 7.7
Base severity: HIGH
Vector:
AV:A/AC:L/Au:S/C:C/I:C/A:C
CPE Matches
juplink
juplink
>>rx4-1500_firmware>>1.0.4
cpe:2.3:o:juplink:rx4-1500_firmware:1.0.4:*:*:*:*:*:*:*
juplink
juplink
>>rx4-1500_firmware>>1.0.5
cpe:2.3:o:juplink:rx4-1500_firmware:1.0.5:*:*:*:*:*:*:*
juplink
juplink
>>rx4-1500>>-
cpe:2.3:h:juplink:rx4-1500:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-209Primarynvd@nist.gov
CWE-210Secondarydisclosures@exodusintel.com
CWE ID: CWE-209
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-210
Type: Secondary
Source: disclosures@exodusintel.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-credential-disclosure-vulnerability/disclosures@exodusintel.com
Third Party Advisory
Hyperlink: https://blog.exodusintel.com/2023/09/18/juplink-rx4-1500-credential-disclosure-vulnerability/
Source: disclosures@exodusintel.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

4Records found
CVE-2023-41031
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-8||HIGH
EPSS-0.26% / 49.03%
||
7 Day CHG~0.00%
Published-22 Sep, 2023 | 16:07
Updated-24 Sep, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juplink RX4-1500 homemng.htm Command Injection Vulnerability

Command injection in homemng.htm in Juplink RX4-1500 versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint.

Action-Not Available
Vendor-juplinkJuplinkjuplink
Product-rx4-1500_firmwarerx4-1500RX4-1500rx4-1500
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2023-41028
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-9||CRITICAL
EPSS-0.11% / 29.84%
||
7 Day CHG~0.00%
Published-23 Aug, 2023 | 21:47
Updated-03 Oct, 2024 | 13:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juplink RX4-1500 Stack-based Buffer Overflow Vulnerability

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.

Action-Not Available
Vendor-juplinkJuplinkjuplink
Product-rx4-1500_firmwarerx4-1500RX4-1500rx4-1500
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-41029
Matching Score-8
Assigner-Exodus Intelligence
ShareView Details
Matching Score-8
Assigner-Exodus Intelligence
CVSS Score-8||HIGH
EPSS-0.18% / 39.31%
||
7 Day CHG~0.00%
Published-22 Sep, 2023 | 16:07
Updated-24 Sep, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Juplink RX4-1500 Command Injection Vulnerability

Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint.

Action-Not Available
Vendor-juplinkJuplinkjuplink
Product-rx4-1500_firmwarerx4-1500RX4-1500rx4-1500
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-23689
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.8||HIGH
EPSS-0.97% / 75.62%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 21:02
Updated-30 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClickHouse Client Certificate Password Exposure

Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.

Action-Not Available
Vendor-clickhouse
Product-java_libraries
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
Details not found