Vulnerabilities > CVE-2023-35836 - Unspecified vulnerability in Solax Pocket Wifi 3 Firmware 3.0.0/3.009.0320230504
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE low complexity
solax
Summary
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the target's Wi-Fi networks.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 | |
| Hardware | 1 |
References
- https://www.solaxpower.com/downloads/
- https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/
- https://yougottahackthat.com/blog/
- https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication
- https://www.solaxpower.com/downloads/
- https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication
- https://yougottahackthat.com/blog/
- https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/