CVE-2012-1838
LG-Nortel ELO GS24M Switch - Unauthenticated Authentication Bypass via Direct Configuration Page Access
Title source: llmDescription
The web management interface on the LG-Nortel ELO GS24M switch allows remote attackers to bypass authentication, and consequently obtain cleartext credential and configuration information, via a direct request to a configuration web page.
References (3)
Core 3
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/523027
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80370
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74237
Scores
EPSS
0.0310
EPSS Percentile
86.1%
Details
CWE
CWE-287
Status
published
Products (1)
lg-nortel/elo_gs24m_switch
Published
Mar 22, 2012
Tracked Since
Feb 18, 2026