ByteOS Network

CVE Vulnerability Details :

CVE-2024-29071

PUBLISHED

More Info Official Page

Assigner-jpcert

Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce

Published At-25 Mar, 2024 | 03:42

Updated At-28 Mar, 2025 | 07:38

▼CVE Numbering Authority (CNA)

HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may change the system settings.

Affected Products

Vendor

KDDI CORPORATION

Product

HGW BL1500HM

Versions

Affected

Ver 002.001.013 and earlier

Problem Types

Type	CWE ID	Description
CWE	CWE-1391	Use of weak credentials

References

Hyperlink	Resource
https://kddi-tech.com/contents/appendix_L2_06.html#20304f4c-af1b-49fd-c3b5-8d1f55fd8b4f	N/A
https://jvn.jp/en/vu/JVNVU93546510/	N/A

▼Authorized Data Publishers (ADP)

1. CISA ADP Vulnrichment

Affected Products

Vendor

kddi

Product

hgw_bli500hm_firmware

CPEs

cpe:2.3:o:kddi:hgw_bli500hm_firmware:*:*:*:*:*:*:*:*

Default Status

unknown

Versions

Affected

From 0 through 002.001.013 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-522	CWE-522 Insufficiently Protected Credentials

Metrics

Version	Base score	Base severity	Vector
3.1	8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Metrics Other Info

2. CVE Program Container

References

Hyperlink	Resource
https://www.au.com/support/service/internet/guide/modem/bl1500hm/firmware/	x_transferred
https://jvn.jp/en/vu/JVNVU93546510/	x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References