【資安漏洞預警】普羅通信|PrismX MX100 AP controller - 存在Use of Hard-coded Credentials漏洞
[Security Vulnerability Alert] ProCommunicators | PrismX MX100 AP controller - Vulnerability of Use of Hard-coded Credentials Exists

發布單位:圖資處數位服務組
日期範圍:2026/1/23 ~ 2026/7/23
 
發布單位:圖資處數位服務組
日期範圍:2026/1/23 ~ 2026/7/23
行政 行政公告
全體

轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202601-00000020

[內容說明]
【普羅通信|PrismX MX100 AP controller - Use of Hard-coded Credentials】(CVE-2026-1221,CVSS:9.8) PrismX MX100 AP controller存在Use of Hard-coded Credentials漏洞,未經身分鑑別之遠端攻擊者可利用寫入於韌體中的資料庫帳號與通行碼登入資料庫。

[影響平台]
PrismX MX100 AP controller v1.03.23.01(不含)以前版本

[建議措施]
請更新韌體至v1.03.23.01(含)以後版本

[參考資料]
1. https://www.twcert.org.tw/tw/cp-132-10642-3b808-1.html

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202601-00000020

[Content Description]
【Procomm | PrismX MX100 AP controller - Use of Hard-coded Credentials】(CVE-2026-1221, CVSS: 9.8) The PrismX MX100 AP controller contains a Use of Hard-coded Credentials vulnerability. Unauthenticated remote attackers can use database accounts and access codes written to the firmware to log in to the database.

[Affected Platforms]
PrismX MX100 AP controller versions prior to v1.03.23.01 (excluding v1.03.23.01)

[Recommended Action]
Please update the firmware to v1.03.23.01 (inclusive) or later.

[References]
1. https://www.twcert.org.tw/tw/cp-132-10642-3b808-1.html


相關附件
system_update_alt參考資料
【返回上頁】
Top↑