CVE-2016-2310
CRITICALGE Multilink Firmware < 5.5.0 - Use of Hard-coded Credentials
Title source: llmDescription
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-154-01
Scores
CVSS v3
9.8
EPSS
0.0322
EPSS Percentile
86.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (1)
ge/multilink_firmware
< 5.5.0
Published
Jun 09, 2016
Tracked Since
Feb 18, 2026