PT-2015-3335 · Gynoii · Gynoii

Publicado

2015-07-04

Atualizado

2017-04-13

CVE-2015-2881

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Gynoii (affected versions not specified)

Description The issue is related to the presence of predefined 'guest' and 'admin' accounts with passwords 'guest' and '12345' respectively. This could allow a remote attacker to gain access to the device using the web interface.

Recommendations For all affected versions, consider changing the default passwords of the 'guest' and 'admin' accounts to strong, unique passwords to prevent unauthorized access. As a temporary workaround, restrict access to the web interface until the issue is resolved. Avoid using the default passwords for the 'guest' and 'admin' accounts in the device configuration.

Exploit

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

BDU:2017-02469

CVE-2015-2881

Produtos afetados

Gynoii

PT-2015-3335 · Gynoii · Gynoii

CVE-2015-2881

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3