EUVD-2026-31179
GHSA-jj2w-phrm-32r8
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionNVD
Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication is implemented entirely in client-side JavaScript in login.zhtml, exposing static plaintext credentials in the page source. Unauthenticated attackers with network access can recover administrative credentials directly from the client-side validate() function to obtain full administrative access to the device.
AnalysisAI
Authentication bypass in the Taiko AG1000-01A SMS Alert Gateway (Rev 7.3 and Rev 8) allows unauthenticated remote attackers to recover hard-coded administrative credentials by viewing the page source of login.zhtml, because the validate() function performs credential checking entirely client-side. With a CVSS 4.0 base score of 9.3 (AV:N/AC:L/PR:N/UI:N) and a VulnCheck advisory plus a public Medium write-up, the flaw is trivially exploitable, though no public exploit identified at time of analysis as a packaged tool and the device is not currently listed in CISA KEV.
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all Taiko AG1000-01A deployments in production (specifically Rev 7.3 and Rev 8); immediately restrict network access to management interfaces from trusted administrative networks only via firewall rules. Within 7 days: Implement network segmentation isolating affected devices from general network access; rotate all administrative credentials on affected systems; validate all compensating controls are operational. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today