cvedb.io
CVE-2022-24693
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2022-03-30T02:15:08.960 · Last modified 2026-06-17T04:32:18.777

Summary

Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.)

Affected products

baicells — nova436q_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when baicells ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.