What the vulnerability does

01Description

HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect to the product via SSH and use a shell.

Key dates

02Disclosure timeline

March 25, 2024 CVE published
September 19, 2025 Record updated