CVE-2017-12574

Name of the Vulnerable Software and Affected Versions: PLANEX CS-W50HD devices with firmware prior to 030720

Description: A hardcoded credential supervisor:dangerous is injected into the web authentication database /.htpasswd during the booting process, allowing attackers to gain unauthorized access and control the device completely. The account cannot be modified or deleted.

Recommendations: For PLANEX CS-W50HD devices with firmware prior to 030720, update the firmware to version 030720 or later to remove the hardcoded credential. As a temporary workaround, consider restricting access to the device until the firmware can be updated.