CVE-2023-30603

Hitron Technologies Inc. CODA-5310 - Using default credentials

Description

Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is no warning or prompt to ask users to change the default password and account. An unauthenticated remote attackers can exploit this vulnerability to obtain the administrator’s privilege, resulting in performing arbitrary system operation or disrupt service.

Remediation

Solution:

  • Hitron Technologies Inc. has provided a problem-solving version to the internet service provider and informed them to upgrade. If there are any issues, please contact the network provider.

Category

9.8
CVSS
Severity: Critical
CVSS 3.1 •
EPSS 0.85% Top 30%
Third-Party Advisory org.tw
Affected: Hitron Technologies Inc. Hitron CODA-5310
Published at:
Updated at:

References

Link Tags
https://www.twcert.org.tw/tw/cp-132-7085-13321-1.html third party advisory

Frequently Asked Questions

What is the severity of CVE-2023-30603?
CVE-2023-30603 has been scored as a critical severity vulnerability.
How to fix CVE-2023-30603?
To fix CVE-2023-30603: Hitron Technologies Inc. has provided a problem-solving version to the internet service provider and informed them to upgrade. If there are any issues, please contact the network provider.
Is CVE-2023-30603 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-30603 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-30603?
CVE-2023-30603 affects Hitron Technologies Inc. Hitron CODA-5310.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.