CVE Vulnerabilities

CVE-2024-7007

Authentication Bypass Using an Alternate Path or Channel

Published: Jul 25, 2024 | Modified: Nov 21, 2024
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass exploit that could allow an attacker to have unauthorized access to protected areas of the application.

Weakness

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

Affected Software

Name Vendor Start Version End Version
Tra7005_firmware Positron 1.20 (including) 1.20 (including)

Potential Mitigations

References