CRITICAL🇵🇱 Wersja polska

CVE-2023-46685

CVSS 9.8v3.1pub. 2024-07-08upd. 2025-11-04

A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A set of specially crafted network packets can lead to arbitrary command execution.

🤖 AI Analysis
How it works

The telnetd service embedded in the firmware of the LevelOne WBR-6013 router (version RER4_A_v3411b_2T2R_LEV_09_170623) contains a hard-coded password that cannot be changed by the user. An attacker, by sending specially crafted network packets, can use this password to authenticate to the telnetd service without knowledge of actual credentials. As a result, it is possible to execute arbitrary system commands on the device.

Impact

An attacker gains full control over the device — can execute arbitrary commands, modify configuration, intercept network traffic, and potentially use the router as an entry point to the internal network.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references. Additionally, until the patch is deployed, it is recommended to block access to the telnetd service at the firewall level and restrict access to the device only from trusted IP addresses.

Who is affected

LevelOne WBR-6013 with firmware version RER4_A_v3411b_2T2R_LEV_09_170623

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Level1 Wbr 6013

    HW
    Level1
    wszystkie wersje
  • Level1 Wbr 6013 Firmware

    OS
    Level1
    rer4_a_v3411b_2t2r_lev_09_170623
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-41251HIGH7.2ten sam produkt

A stack-based buffer overflow vulnerability exists in the boa formRoute functionality of Realtek rtl819x Jungl...

CVE-2023-45215HIGH7.2ten sam produkt

A stack-based buffer overflow vulnerability exists in the boa setRepeaterSsid functionality of Realtek rtl819x...

CVE-2023-45742HIGH7.2ten sam produkt

An integer overflow vulnerability exists in the boa updateConfigIntoFlash functionality of Realtek rtl819x Jun...

CVE-2023-47677HIGH8.8ten sam produkt

A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek r...

CVE-2023-34435HIGH7.2ten sam produkt

A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4....