NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| n-base | nh2048 | 1.33 |
| n-base | nh2012 | 2.53 |
| n-base | nh2012r | 2.53 |
| n-base | nh3012 | 2.1 |
| n-base | nh2015 | 2.51 |
NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| n-base | nh215 | * |
| n-base | nh208 | * |