CVE-2018-18473
CRITICALPATLITE NH-FB <=1.45, NH-FV <=1.10, NBM <=1.09 - Hard-coded Credentials via _secret1.htm
Title source: llmDescription
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via the "kankichi" or "kamiyo4" password to the _secret1.htm URI. Subsequently, the default password of root for the root account allows an attacker to conduct remote code execution and as a result take over the system.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://herolab.usd.de/wp-content/uploads/sites/4/usd20180020.txt
Various Sources x_refsource_confirm
https://www.patlite.com/support/Security_Informationtest.html
Scores
CVSS v3
9.8
EPSS
0.0565
EPSS Percentile
92.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (3)
patlite/nbm-d88n_firmware
patlite/nhl-3fb1_firmware
patlite/nhl-3fv1n_firmware
Published
Mar 21, 2019
Tracked Since
Feb 18, 2026