Wattsense Bridge Hard-Coded Credential Vulnerability Allowing Unauthorized Access
Vulnerability
A vulnerability exists in the firmware of all Wattsense Bridge devices due to hard-coded user and root credentials. The user password can be easily cracked and, once obtained, used to access the device through a login shell available via the serial interface. This issue has been addressed in Wattsense Bridge firmware versions 6.4.1 and later.
Impact
Exploitation of this vulnerability allows for unauthorized access to the device with user privileges, which can be escalated to root privileges through the serial interface.
Reproduction
The vulnerability can be reproduced by cracking the hard-coded user password hash using a password cracking tool, such as John the Ripper. After successfully cracking the password, the recovered credentials can be used to log into the device via the serial interface, accessing a Linux login prompt. From there, a root shell can be obtained by exploiting the bootloader access, allowing for full control over the device.
Remediation
Users are advised to update to Wattsense Bridge firmware version 6.4.1 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.