PT-2018-5085 · Hughes · Hughes Hn7740S+2

Publicado

2018-07-13

Atualizado

2019-10-09

CVE-2016-9495

CVSS v3.1

8.8

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM

Description The issue concerns the use of hard-coded credentials in the devices. Access to the device can be obtained through the default telnet port (23) by using one of the default credentials shared among all devices.

Recommendations For Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, consider changing the default credentials to unique and strong ones to prevent unauthorized access. As a temporary workaround, restrict access to the default telnet port (23) to minimize the risk of exploitation.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

CVE-2016-9495

Produtos afetados

Hughes Dw7000

Hughes Hn7000S/Sm

Hughes Hn7740S

PT-2018-5085 · Hughes · Hughes Hn7740S+2

CVE-2016-9495

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4