CVE-2023-35836 Information

Description

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device including the Wi-Fi PSK during device setup and reconfiguration. Upon success the attacker is able to further infiltrate the target’s Wi-Fi networks.

Reference

https://yougottahackthat.com/blog/ https://www.solaxpower.com/help/upgrading-the-pocket-wifi-firmware/ https://www.solaxpower.com/downloads/ https://yougottahackthat.com/blog/1370/solax-inverters-pocket-wifi-using-poor-authentication