Description
An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://rchase.com/downloads/momentum-iot-penetration-test-report.pdf
Scores
CVSS v3
6.7
EPSS
0.0038
EPSS Percentile
29.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-522
Status
published
Products (1)
apollotechnologiesinc/momentum_axel_720p_firmware
5.1.8
Published
Jun 12, 2018
Tracked Since
Feb 18, 2026