CVE-2024-39208

EUVD-2024-37866
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
luciappluckyluci-app-lucky
𝑥
≤ 2.8.3
ADP
Common Weakness Enumeration
References
https://gist.github.com/yanggao017/9e64b97f4de708360db08db01f0bb980
https://github.com/yanggao017/vuln/blob/main/luci-app-lucky.md
https://gist.github.com/yanggao017/9e64b97f4de708360db08db01f0bb980
https://github.com/yanggao017/vuln/blob/main/luci-app-lucky.md