CVE-2024-39345: n/a
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final octet. This allows network-adjacent attackers to derive the support user's SSH password by decrementing the final octet of the connected gateway address or via the BSSID. An attacker can then execute arbitrary OS commands with root-level privileges. NOTE: The vendor states that there is no intended functionality allowing an attacker to execute arbitrary OS Commands with root-level privileges. The vendor also states that this issue was fixed in SmartOS 12.5.5.1.
AI Analysis
Technical Summary
CVE-2024-39345 is a high-severity vulnerability found in AdTran 834-5 devices running SmartOS version 11.1.1.1. These devices have SSH enabled by default and include a hidden, undocumented support user account whose password is deterministically derived from the device’s MAC address. Since the MAC addresses of the device’s internet-facing interfaces differ only in the last octet, an attacker with network adjacency can deduce the support account password by decrementing the final octet of the connected gateway’s MAC address or by analyzing the BSSID. This predictable password scheme effectively exposes the support account to unauthorized access. Once authenticated via SSH, the attacker gains root-level privileges, enabling execution of arbitrary operating system commands. The vendor has stated that this behavior was unintended and has released a fix in SmartOS 12.5.5.1. The vulnerability is classified under CWE-259 (Use of Hard-coded Password) and has a CVSS v3.1 score of 7.5, reflecting high impact on confidentiality, integrity, and availability. Exploitation requires network adjacency and low privileges but no user interaction. No public exploits have been reported so far. This vulnerability highlights the risks of embedded backdoor accounts and weak password derivation schemes in network infrastructure devices.
Potential Impact
The impact of CVE-2024-39345 is significant for organizations deploying AdTran 834-5 devices with affected SmartOS versions, especially those with internet-facing or otherwise exposed network interfaces. An attacker who can connect to the local network or access the device’s network segment can derive the support account password and gain root-level SSH access. This compromises the confidentiality, integrity, and availability of the device and potentially the broader network. Attackers could execute arbitrary commands, install persistent malware, intercept or manipulate network traffic, or disrupt service. Given that these devices are often used in enterprise and service provider environments, the vulnerability could lead to widespread network compromise, data breaches, and operational outages. The lack of user interaction and the default enablement of SSH increase the risk. Although no exploits are known in the wild yet, the vulnerability’s simplicity and deterministic password derivation make it a likely target for attackers once widely known.
Mitigation Recommendations
To mitigate CVE-2024-39345, organizations should immediately identify any AdTran 834-5 devices running SmartOS 11.1.1.1 or earlier versions. The primary remediation is to upgrade the device firmware to SmartOS 12.5.5.1 or later, where the vulnerability has been fixed. Until upgrades can be applied, network administrators should restrict access to the affected devices’ management interfaces by implementing strict network segmentation and firewall rules to limit SSH access only to trusted hosts. Disable SSH if it is not required. Change or disable any undocumented or support accounts if possible, or at least change their passwords to strong, non-predictable values. Monitor device logs and network traffic for unusual SSH login attempts or command execution. Employ network intrusion detection systems to detect anomalous behavior. Coordinate with AdTran support for any additional vendor-specific guidance. Avoid exposing these devices directly to untrusted networks or the internet. Regularly audit device configurations for hidden accounts or backdoors.
Affected Countries
United States, Canada, United Kingdom, Germany, France, Australia, Japan, South Korea, India, Brazil
CVE-2024-39345: n/a
Description
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final octet. This allows network-adjacent attackers to derive the support user's SSH password by decrementing the final octet of the connected gateway address or via the BSSID. An attacker can then execute arbitrary OS commands with root-level privileges. NOTE: The vendor states that there is no intended functionality allowing an attacker to execute arbitrary OS Commands with root-level privileges. The vendor also states that this issue was fixed in SmartOS 12.5.5.1.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-39345 is a high-severity vulnerability found in AdTran 834-5 devices running SmartOS version 11.1.1.1. These devices have SSH enabled by default and include a hidden, undocumented support user account whose password is deterministically derived from the device’s MAC address. Since the MAC addresses of the device’s internet-facing interfaces differ only in the last octet, an attacker with network adjacency can deduce the support account password by decrementing the final octet of the connected gateway’s MAC address or by analyzing the BSSID. This predictable password scheme effectively exposes the support account to unauthorized access. Once authenticated via SSH, the attacker gains root-level privileges, enabling execution of arbitrary operating system commands. The vendor has stated that this behavior was unintended and has released a fix in SmartOS 12.5.5.1. The vulnerability is classified under CWE-259 (Use of Hard-coded Password) and has a CVSS v3.1 score of 7.5, reflecting high impact on confidentiality, integrity, and availability. Exploitation requires network adjacency and low privileges but no user interaction. No public exploits have been reported so far. This vulnerability highlights the risks of embedded backdoor accounts and weak password derivation schemes in network infrastructure devices.
Potential Impact
The impact of CVE-2024-39345 is significant for organizations deploying AdTran 834-5 devices with affected SmartOS versions, especially those with internet-facing or otherwise exposed network interfaces. An attacker who can connect to the local network or access the device’s network segment can derive the support account password and gain root-level SSH access. This compromises the confidentiality, integrity, and availability of the device and potentially the broader network. Attackers could execute arbitrary commands, install persistent malware, intercept or manipulate network traffic, or disrupt service. Given that these devices are often used in enterprise and service provider environments, the vulnerability could lead to widespread network compromise, data breaches, and operational outages. The lack of user interaction and the default enablement of SSH increase the risk. Although no exploits are known in the wild yet, the vulnerability’s simplicity and deterministic password derivation make it a likely target for attackers once widely known.
Mitigation Recommendations
To mitigate CVE-2024-39345, organizations should immediately identify any AdTran 834-5 devices running SmartOS 11.1.1.1 or earlier versions. The primary remediation is to upgrade the device firmware to SmartOS 12.5.5.1 or later, where the vulnerability has been fixed. Until upgrades can be applied, network administrators should restrict access to the affected devices’ management interfaces by implementing strict network segmentation and firewall rules to limit SSH access only to trusted hosts. Disable SSH if it is not required. Change or disable any undocumented or support accounts if possible, or at least change their passwords to strong, non-predictable values. Monitor device logs and network traffic for unusual SSH login attempts or command execution. Employ network intrusion detection systems to detect anomalous behavior. Coordinate with AdTran support for any additional vendor-specific guidance. Avoid exposing these devices directly to untrusted networks or the internet. Regularly audit device configurations for hidden accounts or backdoors.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2024-06-24T00:00:00.000Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 699f6c87b7ef31ef0b565e88
Added to database: 2/25/2026, 9:41:27 PM
Last enriched: 2/26/2026, 5:55:22 AM
Last updated: 4/12/2026, 2:46:39 PM
Views: 10
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.