Cyber Posture

CVE-2024-12013

High

Published: 13 February 2025

Modified: 15 April 2026
KEV Added
Patch
CVSS Score: 7.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L)
EPSS Score: 0.0042 (61.7th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Description

A CWE-1392 “Use of Default Credentials” vulnerability was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and make changes to resources exposed by the service, such as configuration files where password hashes are saved or where network settings are stored.

Security Summary

CVE-2024-12013 is a CWE-1392 vulnerability classified as "Use of Default Credentials" affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server protected by default and easy-to-guess admin credentials, enabling unauthorized access to sensitive resources.

A remote attacker capable of interacting with the exposed FTP server can exploit this issue by using the default credentials to gain access. Upon successful authentication, the attacker can modify configuration files exposed by the service, including those storing password hashes or network settings. The vulnerability carries a CVSS v3.1 base score of 7.6 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L): a network attack vector, low attack complexity, and a high integrity impact, with low confidentiality and availability impact.

Mitigation guidance is available in the advisory from Nozomi Networks at https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-12013.

Details

CWE(s): CWE-1392