Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-4fj6-9r38-4v86

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE
View on GitHub

Advisory Details

A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910

80100910 40 6d 21 74 ds "@m!t2K1"
32 4b 31 00

It is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below:

if ((SECOND_FROM_BOOT_TIME < 300) &&
(is_equal = strcmp(password,"@m!t2K1")) {
return 1;}

Where 1 is the return value to admin-level access (0 being fail and 3 being user).

Related CVEs

CVE-2024-28875

Key Information

GHSA ID
GHSA-4fj6-9r38-4v86
Published
October 30, 2024 3:30 PM
Last Modified
October 30, 2024 3:30 PM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: June 25, 2025 8:46 PM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.