High severity7.1NVD Advisory· Published Jun 14, 2024· Updated Apr 15, 2026

CVE-2024-27168

Description

It appears that some hardcoded keys are used for authentication to internal API. Knowing these private keys may allow attackers to bypass authentication and reach administrative interfaces. As for the affected products/models/versions, see the reference URL.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2024/Jul/1nvd
jvn.jp/en/vu/JVNVU97136265/index.htmlnvd
www.toshibatec.com/information/20240531_01.htmlnvd
www.toshibatec.com/information/pdf/information20240531_01.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.461
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000