Unrated severityNVD Advisory· Published Oct 30, 2024· Updated Nov 3, 2025

CVE-2024-28875

Description

A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows attackers to gain unauthorized access during the first 30 seconds post-boot. Other vulnerabilities can force a reboot, circumventing the initial time restriction for exploitation.The backdoor string can be found at address 0x80100910

80100910 40 6d 21 74 ds "@m!t2K1" 32 4b 31 00

It is referenced by the function located at 0x800b78b0 and is used as shown in the pseudocode below:

if ((SECOND_FROM_BOOT_TIME < 300) && (is_equal = strcmp(password,"@m!t2K1")) { return 1;}

Where 1 is the return value to admin-level access (0 being fail and 3 being user).

Affected products

Level Platforms/Wbr 6012v5
Range: R0.40e6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

talosintelligence.com/vulnerability_reports/TALOS-2024-1979mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000