PatchSiren

Hughes Network Systems CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Hughes Network Systems CVE published 2024-09-05

CVE-2024-42495

CVE-2024-42495 (CVSS 6.5, Medium) describes a cleartext credential transmission vulnerability in Hughes Network Systems WL3000 Fusion Software, published 2024-09-05. Device configuration credentials were transmitted via an unencrypted protocol, enabling read-only access to network and terminal configuration data for attackers with adjacent network access. The attack vector is adjacent (AV:A), requires no [truncated]