How severe is CVE-2023-34284?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2023-34284?

This is classified as CWE-798, which is a common weakness in software security.

CVE-2023-34284 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the system configuration. The system contains a hardcoded user account which can be used to access the CLI service as a low-privileged user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-19660.

Related Vulnerabilities

CVE-2021-31477

MEDIUM

CVSS:6.3(Medium)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific fla...

CWE-7982021

CVE-2022-30997

MEDIUM

CVSS:6.3(Medium)

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller R4.10 to R4.31, which may allow an attacker with an administrative privilege to read/change configuratio...

CWE-7982022

CVE-2023-46919

MEDIUM

CVSS:6.3(Medium)

Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus have a hardcoded aKySWb2jjrr4dzkYXczKRt7K (AES) encryption key. An at...

CWE-7982023

CVE-2024-45319

MEDIUM

CVSS:6.3(Medium)

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.

CWE-7982024

CVE-2018-14801

MEDIUM

CVSS:6.2(Medium)

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that ...

CWE-7982018

CVE-2019-4220

MEDIUM

CVSS:6.2(Medium)

IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229.

CWE-7982019