How severe is CVE-2021-31477?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2021-31477?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2021-31477

MEDIUM Year: 2021

CVSS v3 Score

6.3

Medium

CVSS v2 Score

7.5

High

Weakness Type

CWE-798

View all →

Vulnerability Description

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-coded default credentials. An attacker can leverage this vulnerability to execute code in the context of the download user. Was ZDI-CAN-11852.

CVE-2022-30997

MEDIUM

CVSS:6.3(Medium)

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuratio...

CWE-7982022

CVE-2023-34284

MEDIUM

CVSS:6.3(Medium)

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX3...

CWE-7982023

CVE-2023-46919

MEDIUM

CVSS:6.3(Medium)

Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. An at...

CWE-7982023

CVE-2024-45319

MEDIUM

CVSS:6.3(Medium)

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.

CWE-7982024

CVE-2018-14801

MEDIUM

CVSS:6.2(Medium)

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that ...

CWE-7982018

CVE-2019-4220

MEDIUM

CVSS:6.2(Medium)

IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229.

CWE-7982019

CVE-2021-31477

Vulnerability Description

Related Vulnerabilities

CVE-2022-30997

CVE-2023-34284

CVE-2023-46919

CVE-2024-45319

CVE-2018-14801

CVE-2019-4220