VYPR

Nova 227

by Baicells

CVEs (2)

  • CVE-2023-24508Jan 24, 2023
    risk 0.00cvss epss 0.02

    Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The…

  • CVE-2023-24022Jan 24, 2023
    risk 0.00cvss epss 0.02

    Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by…