High severity8.8NVD Advisory· Published Apr 8, 2024· Updated Apr 15, 2026

CVE-2024-28744

Description

The password is empty in the initial configuration of ACERA 9010-08 firmware v02.04 and earlier, and ACERA 9010-24 firmware v02.04 and earlier. An unauthenticated attacker may log in to the product with no password, and obtain and/or alter information such as network configuration and user information. The products are affected only when running in non MS mode with the initial configuration.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/vu/JVNVU99285099/nvd
www.furunosystems.co.jp/news/info/vulner20240401.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000