CVE-2024-12013

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform changes over resources exposed by the service such as configuration files where password hashes are saved or where network settings are stored.

CVSS v3 7.6 HIGH

7.6^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-12013

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Se descubrió un error CWE-1392 “Uso de credenciales predeterminadas” que afectaba al gateway TCP/IP 130.8005 con la versión de firmware 12h. El dispositivo expone un servidor FTP con credenciales de administrador predeterminadas y fáciles de adivinar. Un atacante remoto capaz de interactuar con el servidor FTP podría obtener acceso y realizar cambios en los recursos expuestos por el servicio, como los archivos de configuración donde se guardan los hashes de contraseñas o donde se almacenan las configuraciones de red.

13 Feb 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-13 16:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-12013

Mitre link : CVE-2024-12013

CVE.ORG link : CVE-2024-12013

JSON object : View

Products Affected

No product.

CWE

CWE-1392

Use of Default Credentials

7.6 /10