[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

Submit #185321: RoomCast TA-2400 - CVE-2023-33744 - Use of Hard-coded Passwordinfo

TitleRoomCast TA-2400 - CVE-2023-33744 - Use of Hard-coded Password
DescriptionCVE—2023-33744: USE OF HARD-CODED PASSWORD in ROOMCAST.APK in TELEADAPT ROOMCAST TA-2400 1.0.0 AND LATER allows LOCAL to AUTHENTICATE via MANAGEMENT MODE Vulnerabilty Type: CWE-259: Use of Hard-coded Password Vulnerabilty Description: The RoomCast application encompasses three distinct management modes: Hotel mode, Admin mode, and Engineering mode. Notably, the passwords for all three management portals are publicly available and documented as part of the RoomCast documentation. It is important to note that the owners of the device do not have the ability to modify these passwords. Among the three modes, the Engineering mode holds the greatest impact. This powerful mode allows for modifications to be made to the Android component, as well as the initiation of a terminal session on the Android node. Device: RoomCast TA-2400 Software: Roomcast.apk RoomCast Component: Android OS CVSS Base Score: Medium Risk - 5.9 CVSS Temporal Score: Medium Risk - 5.8 CVSS v3.1 Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:F/RL:U/RC:C Proof of Concept In this section, we present a detailed proof of concept (PoC) to illustrate the identified vulnerability within the RoomCast TA-2400 device. The PoC provides step-by-step instructions for identifying the vulnerability and successfully exploiting it. 1. In the RoomCast graphical user interface navigate to the About/Feedback page using the RoomCast provided remote. 2. Enter in the combination of feedback levels (outlined below) to enter the different management modes. Connect to the Hotel management mode; Select the feedback level “Struggled”, “Struggled”. Enter the password/PIN: 385521 Connect to the Admin management mode; Select the feedback level “Struggled”, “Struggled”. Enter the password/PIN: 843646 Connect to the Engineering management mode; Select the feedback level “Not Cool”, “Whatever”, “Love It”. Enter the password/PIN: 592671 Following these recreation steps will enable you to access the respective management modes within the RoomCast device, allowing you to utilize the associated functionalities and features.
Source⚠️ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33744
User
 jTag Labs (UID 51246)
Submission21.07.2023 03:37 (vor 2 Jahren)
Moderation28.07.2023 07:09 (7 days later)
StatusAkzeptiert
VulDB Entry235620 [TeleAdapt RoomCast TA-2400 bis 3.1 Roomcast Application Roomcast.apk schwache Authentisierung]
Points20

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!