M357 5G Firmware
CVE-2023-3703
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials
AnalysisAI
Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use of Default Credentials (CWE-1392), which allows attackers to gain access using factory-default usernames and passwords. Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials Affected products include: Proscend M357-5G Firmware, Proscend M357-Ai Firmware, Proscend M350-5G Firmware, Proscend M350-W5G Firmware, Proscend M350-6 Firmware. Version information: version 1.76.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Force credential change on first use, remove default accounts, document required credential changes.
Same weakness CWE-1392 – Use of Default Credentials
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today