CVE-2026-23647
Hard-Coded Credentials in Glory RBG-100 Enable Remote Root Access
Publication date: 2026-02-17
Last updated on: 2026-02-17
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| glory | rbgsystem | * |
| glory | ispk-08 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-23647 affects the Glory RBG-100 Recycler System, specifically the ISPK-08 software component, which contains hard-coded operating system credentials embedded in the system's firmware."}, {'type': 'paragraph', 'content': 'Multiple local user accounts, including those with administrative privileges, have fixed, hard-coded passwords. This allows an attacker with network access to exposed services such as SSH to remotely authenticate to the underlying Linux system without authorization.'}, {'type': 'paragraph', 'content': 'Successful exploitation grants remote access with elevated privileges and may lead to full system compromise.'}] [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to remotely access the affected system with elevated privileges without needing any prior authentication.
Such unauthorized access can lead to a full system compromise, potentially allowing the attacker to control the system, access sensitive data, disrupt operations, or use the system as a foothold for further attacks.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability involves hard-coded operating system credentials embedded in the Glory RBG-100 recycler system's ISPK-08 software component, allowing remote authentication via exposed services such as SSH."}, {'type': 'paragraph', 'content': "To detect this vulnerability on your system, you can attempt to authenticate to the system's SSH service using known or suspected hard-coded credentials if available. Additionally, you can scan your network for devices running the Glory RBG-100 system or ISPK-08 software and check for open SSH ports."}, {'type': 'list_item', 'content': 'Use nmap to scan for open SSH ports on your network: nmap -p 22 --open -sV <target-ip-range>'}, {'type': 'list_item', 'content': 'Attempt SSH login using suspected hard-coded credentials (if known) to verify unauthorized access: ssh <username>@<target-ip>'}, {'type': 'list_item', 'content': 'Check for multiple local user accounts with fixed passwords by auditing the system if you have access.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the affected devices, especially blocking or limiting access to exposed services such as SSH.
If possible, change the hard-coded passwords on all local user accounts, especially those with administrative privileges, to unique, strong passwords.
If the vendor provides a patch or updated firmware that removes or changes the hard-coded credentials, apply it as soon as it becomes available.
Monitor network traffic and system logs for unauthorized access attempts and unusual activity.