CVE-2024-28093

EUVD-2024-25258
The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
8.8 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Common Weakness Enumeration
References
https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-28093
https://github.com/actuator/cve/blob/main/AdTran/CWE-287
https://supportcommunity.adtran.com/t5/NetVanta-Product-Notices/2019-Q2-NetVanta-3120-3130-EOL/ta-p/35715
https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-28093
https://github.com/actuator/cve/blob/main/AdTran/CWE-287
https://supportcommunity.adtran.com/t5/NetVanta-Product-Notices/2019-Q2-NetVanta-3120-3130-EOL/ta-p/35715