CVE-2026-22906
Unknown · Unspecified Product (Configuration Management)
User credentials are stored in a configuration file encrypted with AES-ECB under a key hardcoded in the software, so anyone who obtains the file, including an unauthenticated attacker, can recover the plaintext passwords.
Executive summary
The use of hardcoded keys and weak AES-ECB encryption for credential storage allows unauthenticated attackers to decrypt and recover administrative usernames and passwords.
Vulnerability
The affected software stores user credentials in a configuration file encrypted with AES in ECB mode under a cryptographic key that is hardcoded in the software. Because the key is identical on every installation and can be extracted from the program itself, anyone who obtains the configuration file, including an unauthenticated remote attacker who reaches it through some other flaw, can decrypt it and recover plaintext usernames and passwords. ECB mode makes the design worse still: it encrypts each 16-byte block independently, so equal plaintext blocks produce equal ciphertext blocks, and repeated or short values are recognisable in the file even before decryption.
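To make the weakness concrete, the following is an added example in Go, not the vendor's code (the page names no product). It reproduces the storage scheme described above: a key compiled into the program, AES-ECB with PKCS#7 padding, and a "name=<hex ciphertext>" line format, all of which are assumptions for the demonstration. RecoverCredentials is the attacker's side, needing only the file and the key lifted from the binary; RepeatedBlocks shows the ECB pattern leak that needs no key at all.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// Hypothetical hardcoded key standing in for the one the advisory describes.
// Its value is irrelevant: anything compiled into the product is shared by
// every installation and recoverable from the binary.
var hardcodedKey = []byte("0123456789abcdef") // 16 bytes: AES-128 (assumed)

func pkcs7Pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(b, bytes.Repeat([]byte{byte(n)}, n)...)
}

func pkcs7Unpad(b []byte) ([]byte, error) {
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize || n > len(b) {
		return nil, errors.New("bad padding")
	}
	return b[:len(b)-n], nil
}

// ecbEncrypt is the weak scheme: every 16-byte block is encrypted on its own,
// so equal plaintext blocks give equal ciphertext blocks.
func ecbEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	src := pkcs7Pad(append([]byte(nil), plaintext...))
	dst := make([]byte, len(src))
	for i := 0; i < len(src); i += aes.BlockSize {
		block.Encrypt(dst[i:i+aes.BlockSize], src[i:i+aes.BlockSize])
	}
	return dst, nil
}

func ecbDecrypt(key, ciphertext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(ciphertext) == 0 || len(ciphertext)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext not block aligned")
	}
	dst := make([]byte, len(ciphertext))
	for i := 0; i < len(ciphertext); i += aes.BlockSize {
		block.Decrypt(dst[i:i+aes.BlockSize], ciphertext[i:i+aes.BlockSize])
	}
	return pkcs7Unpad(dst)
}

// WriteConfig models what the vulnerable software writes to disk
// (line format is an assumption for the example).
func WriteConfig(user, pass string) (string, error) {
	u, err := ecbEncrypt(hardcodedKey, []byte(user))
	if err != nil {
		return "", err
	}
	p, err := ecbEncrypt(hardcodedKey, []byte(pass))
	if err != nil {
		return "", err
	}
	return fmt.Sprintf("admin.user=%s\nadmin.pass=%s\n", hex.EncodeToString(u), hex.EncodeToString(p)), nil
}

// RecoverCredentials is the attacker's side: with the file contents and the
// key lifted from the binary, every field decrypts to its plaintext value.
func RecoverCredentials(config string) (map[string]string, error) {
	out := map[string]string{}
	for _, line := range strings.Split(config, "\n") {
		name, val, ok := strings.Cut(strings.TrimSpace(line), "=")
		if !ok {
			continue
		}
		ct, err := hex.DecodeString(val)
		if err != nil {
			return nil, err
		}
		pt, err := ecbDecrypt(hardcodedKey, ct)
		if err != nil {
			return nil, err
		}
		out[name] = string(pt)
	}
	return out, nil
}

// RepeatedBlocks counts ciphertext blocks seen more than once: ECB's
// structural leak, visible without the key.
func RepeatedBlocks(ct []byte) int {
	seen := map[string]bool{}
	dup := 0
	for i := 0; i+aes.BlockSize <= len(ct); i += aes.BlockSize {
		b := string(ct[i : i+aes.BlockSize])
		if seen[b] {
			dup++
		}
		seen[b] = true
	}
	return dup
}

func main() {
	// Constructed sample credentials; the password is 32 identical bytes.
	cfg, _ := WriteConfig("admin", strings.Repeat("A", 32))
	creds, _ := RecoverCredentials(cfg)
	p, _ := ecbEncrypt(hardcodedKey, []byte(strings.Repeat("A", 32)))
	fmt.Printf("recovered: %v\nrepeated ciphertext blocks in password: %d\n", creds, RepeatedBlocks(p))
}
```

The point of RepeatedBlocks is that the patched key alone would not have been enough: even with an unguessable key, ECB tells a reader of the file which passwords share 16-byte blocks and how long each value roughly is.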
Business impact
This vulnerability gives an attacker the administrative credentials of the affected system and therefore full administrative control of it. Combined with another flaw such as an authentication bypass that exposes the configuration file, it yields persistent access that survives until the recovered passwords are changed, since the patch does not invalidate credentials already copied out. The CVSS score of 9.8 reflects this: a complete compromise of the system's identity and access controls from a single file read.
Remediation
Immediate Action: Update the software to a version that removes the hardcoded key and stores credentials correctly. Credentials the system verifies itself (its own administrative logins) should be stored as salted password hashes using a memory-hard or iterated function such as Argon2 or bcrypt. Credentials the software must replay to other systems cannot be hashed; those need an authenticated encryption mode such as AES-GCM under a per-installation key that is generated at install time and kept outside the configuration file.
Proactive Monitoring: Alert on reads or copies of the configuration file by anything other than the service account (file-integrity monitoring or audit rules), and review administrative login logs for logins from unexpected sources or at unexpected times, which would indicate use of recovered credentials.
Compensating Controls: Until the update is applied, keep configuration files outside the web root, make them readable only by the service account, and treat any exposure of the file as a credential compromise.
Exploitation status
Public Exploit Available: false
Analyst recommendation
The reliance on a hardcoded key for credential storage is a high-severity design flaw, not a bug in a single code path, and no configuration change makes the existing file safe. Administrators should apply the vendor's update immediately and then rotate all administrative passwords, together with any credentials for other systems held in the same configuration file: a copy of the file taken before the update remains decryptable with the old key regardless of the patch.