[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-24444":6},{"stargazers_count":4,"fetched_at":5},6,"2026-05-28T19:18:46.832Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":171,"aliases":181,"duplicate_of":9,"upstream":182,"downstream":183,"duplicates":184,"related":185,"reserved_at":9,"published_at":186,"modified_at":187,"state":188,"summary":189,"references_raw":195,"kevs":207,"epss":9,"epss_history":208,"metrics":209,"affected":221},"CVE-2026-24444","SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the recovery endpoint via HTTP. Attackers can leverage this hardcoded password to enable filtered SSH and Telnet services on the device, resulting in unauthenticated root-level remote access to the underlying system.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-798","Use of Hard-coded Credentials","The product contains hard-coded credentials, such as a password or cryptographic key.","weakness","Draft","Base","High",[20,118],{"id":21,"name":22,"techniques":23},"CAPEC-191","Read Sensitive Constants Within an Executable",[24],{"id":25,"name":26,"tactics":27,"countermeasures":31},"T1552.001","Credentials In Files",[28],{"id":29,"name":30},"TA0031","Credential Access",[32,37,41,45,50,54,58,63,67,72,76,80,84,89,93,98,102,106,110,114],{"id":33,"name":34,"tactic":35},"D3-CCSA","Credential Compromise Scope Analysis",{"name":36},"Detect",{"id":38,"name":39,"tactic":40},"D3-FA","File Analysis",{"name":36},{"id":42,"name":43,"tactic":44},"D3-FIM","File Integrity Monitoring",{"name":36},{"id":46,"name":47,"tactic":48},"D3-CR","Credential Revocation",{"name":49},"Evict",{"id":51,"name":52,"tactic":53},"D3-ANCI","Authentication Cache Invalidation",{"name":49},{"id":55,"name":56,"tactic":57},"D3-FEV","File Eviction",{"name":49},{"id":59,"name":60,"tactic":61},"D3-DUC","Decoy User Credential",{"name":62},"Deceive",{"id":64,"name":65,"tactic":66},"D3-DF","Decoy File",{"name":62},{"id":68,"name":69,"tactic":70},"D3-CH","Credential Hardening",{"name":71},"Harden",{"id":73,"name":74,"tactic":75},"D3-MFA","Multi-factor Authentication",{"name":71},{"id":77,"name":78,"tactic":79},"D3-CRO","Credential Rotation",{"name":71},{"id":81,"name":82,"tactic":83},"D3-FE","File Encryption",{"name":71},{"id":85,"name":86,"tactic":87},"D3-RIC","Reissue Credential",{"name":88},"Restore",{"id":90,"name":91,"tactic":92},"D3-RF","Restore File",{"name":88},{"id":94,"name":95,"tactic":96},"D3-CTS","Credential Transmission Scoping",{"name":97},"Isolate",{"id":99,"name":100,"tactic":101},"D3-CF","Content Filtering",{"name":97},{"id":103,"name":104,"tactic":105},"D3-LFP","Local File Permissions",{"name":97},{"id":107,"name":108,"tactic":109},"D3-RFAM","Remote File Access Mediation",{"name":97},{"id":111,"name":112,"tactic":113},"D3-CQ","Content Quarantine",{"name":97},{"id":115,"name":116,"tactic":117},"D3-CM","Content Modification",{"name":97},{"id":119,"name":120,"techniques":121},"CAPEC-70","Try Common or Default Usernames and Passwords",[122],{"id":123,"name":124,"tactics":125,"countermeasures":141},"T1078.001","Default Accounts",[126,129,132,135,138],{"id":127,"name":128},"TA0030","Defense Evasion",{"id":130,"name":131},"TA0005","Stealth",{"id":133,"name":134},"TA0110","Persistence",{"id":136,"name":137},"TA0111","Privilege Escalation",{"id":139,"name":140},"TA0108","Initial Access",[142,147,151,155,159,163,167],{"id":143,"name":144,"tactic":145},"D3-AM","Access Modeling",{"name":146},"Model",{"id":148,"name":149,"tactic":150},"D3-AL","Account Locking",{"name":49},{"id":152,"name":153,"tactic":154},"D3-AA","Agent Authentication",{"name":71},{"id":156,"name":157,"tactic":158},"D3-CDP","Change Default Password",{"name":71},{"id":160,"name":161,"tactic":162},"D3-ULA","Unlock Account",{"name":88},{"id":164,"name":165,"tactic":166},"D3-RUAA","Restore User Account Access",{"name":88},{"id":168,"name":169,"tactic":170},"D3-UAP","User Account Permissions",{"name":97},[172],{"_key":173,"name":174,"source":175,"url":176,"maturity":177,"reliability_score":178,"verified":179,"type":9,"platforms":180,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_A9D4789038D8891F","Exploit Reference (kr3bz.wtf)","reference","https://www.kr3bz.wtf/posts/sdmc-ne6037-router-recovery-backdoor/","unknown",0.2,false,[],[],[],[],[],[],"2026-05-28T15:32:14.333Z","2026-05-28T17:29:24.215Z","Received",{"cisa_kev":179,"cisa_ransomware":179,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":190,"severity_score":191,"severity_version":192,"severity_source":193,"severity_vector":194,"severity_status":188},"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[196,202],{"url":176,"sources":197,"tags":199},[193,198],"nvd",[200,201],"Technical Description","Exploit",{"url":203,"sources":204,"tags":205},"https://en.sdmctech.com/product/DOCSIS_234.html",[193,198],[206],"Product",[],[],[210,217],{"source":193,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":211,"cvss_v4_0":214},{"baseScore":191,"baseSeverity":212,"vectorString":194,"impactScore":191,"exploitabilityScore":213},"CRITICAL",10,{"baseScore":215,"baseSeverity":212,"vectorString":216,"impactScore":9,"exploitabilityScore":9},9.3,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",{"source":198,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":218,"cvss_v4_0":219},{"baseScore":191,"baseSeverity":212,"vectorString":194,"impactScore":191,"exploitabilityScore":213},{"baseScore":215,"baseSeverity":212,"vectorString":220,"impactScore":9,"exploitabilityScore":9},"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",[222],{"ecosystem":9,"name":223,"vendor":224,"product":225,"cpe_part":226,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":227},"NE6037","sdmc technology co., ltd","ne6037","a",[228,231],{"version":229,"is_range":179,"range_type":193,"version_start":229,"version_start_type":230,"version_end":229,"version_end_type":230,"fixed_in":9},"7.1.6.0.25","including",{"version":232,"is_range":179,"range_type":193,"version_start":232,"version_start_type":230,"version_end":232,"version_end_type":230,"fixed_in":9},"7.1.6.1.9_B9"]