CVE-2017-6047
Description
Detcon SiteWatch Gateway stores passwords in plaintext in an accessible file, allowing remote attackers to obtain credentials and potentially execute code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Detcon SiteWatch Gateway stores passwords in plaintext in an accessible file, allowing remote attackers to obtain credentials and potentially execute code.
Vulnerability
Detcon SiteWatch Gateway (all versions without cellular) stores user passwords in plaintext in a file that is accessible without authentication [1]. This is a combination of improper authentication and plaintext storage of a password. The cellular versions are not affected [1].
Exploitation
An attacker with network access to the gateway can read the plaintext password file without any authentication [1]. The advisory notes low skill level to exploit and remote exploitability [1]. No user interaction is required.
Impact
Successful exploitation allows an attacker to obtain user passwords and change device settings. The advisory states that remote code execution may be possible [1]. The attacker gains the ability to compromise the gateway and potentially pivot to other systems.
Mitigation
Detcon no longer sells or maintains the SiteWatch Gateway product; no patch is available [1]. Users should minimize network exposure, isolate the device behind firewalls, and use secure remote access methods such as VPNs [1]. The product is end-of-life.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: All versions affected except cellular versions
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- ics-cert.us-cert.gov/advisories/ICSA-17-136-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.