CVE-2025-70998
UTT · HiPER 810 / nv810v4 router firmware
Insecure default credentials in the Telnet service of UTT HiPER routers allow remote attackers to gain root access via automated scripts.
Executive summary
The use of default credentials in UTT HiPER 810 and nv810v4 routers exposes the devices to full remote takeover by unauthenticated attackers.
Vulnerability
The firmware contains hardcoded or insecure default credentials for the Telnet management service. An unauthenticated remote attacker can exploit this by using a crafted script to log in and gain root-level privileges.
Business impact
Unauthorized root access to a core networking device allows attackers to intercept traffic, redirect data, or use the router as a foothold for lateral movement within the corporate network. The CVSS score of 9.8 reflects the ease of exploitation and the critical impact on network infrastructure security.
Remediation
Immediate Action: Update the router firmware to the latest version and immediately change all default administrative passwords to strong, unique credentials.
Proactive Monitoring: Review Telnet access logs for successful logins from unrecognized IP addresses and monitor for unusual configuration changes on the router.
Compensating Controls: Disable Telnet entirely in favor of SSH and implement access control lists (ACLs) to restrict management interface access to trusted internal IP addresses only.
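One way to carry out the log review under Proactive Monitoring, shown as an added example that is not part of the original advisory or vendor code: it flags successful Telnet logins whose source lies outside the trusted management ranges. The log line format, host names, addresses and `TRUSTED_NETS` values are constructed assumptions; adapt the pattern to what your syslog collector actually receives from the router.

```python
import ipaddress
import re

# Assumption: management ranges permitted by the ACL (hypothetical values).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "192.168.1.10/32")]

# Assumption: syslog-style format; the real firmware's log format may differ.
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+(?P<svc>telnetd|login)\[\d+\]:\s+"
    r"(?P<result>Accepted|Failed) login for (?P<user>\S+) from (?P<src>\S+)$"
)

# Constructed sample lines (documentation addresses, not real events).
SAMPLE = [
    "2025-01-10T02:11:05Z gw-branch1 telnetd[412]: Accepted login for root from 10.20.0.15",
    "2025-01-10T03:40:22Z gw-branch1 telnetd[413]: Failed login for admin from 203.0.113.7",
    "2025-01-10T03:40:25Z gw-branch1 telnetd[413]: Accepted login for admin from 203.0.113.7",
    "2025-01-10T04:02:51Z gw-branch1 telnetd[415]: Accepted login for root from 198.51.100.23",
    "2025-01-10T04:03:00Z gw-branch1 kernel: link up",
]

def is_trusted(src):
    """True only if src parses as an IP inside a trusted management range."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # an unparseable source is treated as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def review(lines):
    """Return (alerts, unparsed): untrusted successful logins and unmatched lines."""
    alerts, unparsed, failures = [], [], {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            unparsed.append(line)  # keep for manual review, never drop silently
            continue
        src = m["src"]
        if m["result"] == "Failed":
            failures[src] = failures.get(src, 0) + 1
        elif not is_trusted(src):
            # Zero prior failures means the first attempt succeeded, which is
            # consistent with a known or default credential being used.
            alerts.append({"ts": m["ts"], "router": m["host"], "user": m["user"],
                           "src": src, "prior_failures": failures.get(src, 0)})
    return alerts, unparsed

if __name__ == "__main__":
    for alert in review(SAMPLE)[0]:
        print(alert)
```

An alert with `prior_failures` of 0 deserves the earliest attention, since a first-attempt success from an unrecognized address suggests the credential was already known.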
Exploitation status
Public Exploit Available: No
Analyst recommendation
Default credentials are a primary target for automated attacks. Administrators must treat this as a high-priority item, ensuring that firmware is updated and that management services are secured behind strong authentication and network-level restrictions.