CVE-2016-9497
HIGHHughes HN7740S DW7000 HN7000S/SM Firmware - Unauthenticated Authentication Bypass via Telnet Port 1953
Title source: llmDescription
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
https://www.securityfocus.com/bid/96244
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/614751
Scores
CVSS v3
8.8
EPSS
0.0221
EPSS Percentile
80.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-287
CWE-288
Status
published
Products (4)
hughes/dw7000_firmware
6.9.0.34
hughes/hn7000s_firmware
6.9.0.34
hughes/hn7000sm_firmware
6.9.0.34
hughes/hn7740s_firmware
6.9.0.34
Published
Jul 13, 2018
Tracked Since
Feb 18, 2026