CVE-2024-8878 — CRITICAL (9.8)

Q: How severe is CVE-2024-8878?

CVE-2024-8878 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2024-8878?

Check the references section above for vendor advisories and patch information. Affected products include: Riello-Ups Netman 204 Firmware, Riello-Ups Netman 204.

Vulnerability Description

The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Riello-Ups	Netman 204 Firmware	<= 4.05
Riello-Ups	Netman 204	-

Related Weaknesses (CWE)

CWE-640

References

FAQ

What is CVE-2024-8878?

CVE-2024-8878 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: throug...

How severe is CVE-2024-8878?

CVE-2024-8878 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2024-8878?

Check the references section above for vendor advisories and patch information. Affected products include: Riello-Ups Netman 204 Firmware, Riello-Ups Netman 204.