What is CVE-2024-8878?

CVE-2024-8878 is a vulnerability in Riello Netman 204, classified under Weak Password Recovery Mechanism for Forgotten Password. Published 2024-09-24.

Is CVE-2024-8878 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Riello Netman 204

CVE-2024-8878

The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: through 4.05.

EPSS: 0.007 (73.2th percentile) — read the EPSS interpretation.

Affected products

Riello Netman 204 — versions 0

Weakness classification (CWE)

CWE-640 — Weak Password Recovery Mechanism for Forgotten Password

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

cyberdanube.com/en/en-multiple-vulnerabilities-in-riello-netman-204/index.html (third-party-advisory, exploit)

Frequently asked questions

What is CVE-2024-8878?: CVE-2024-8878 is a vulnerability in Riello Netman 204, classified under Weak Password Recovery Mechanism for Forgotten Password. Published 2024-09-24.
Is CVE-2024-8878 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.