PT-2019-7658 · Neet · Neet Airstream Nas

Luke Turvey

Publicado

2019-08-08

Atualizado

2019-08-15

CVE-2016-10862

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Neet AirStream NAS version 1.1

Description The issue concerns a hardcoded password for the root account, which is set to ifconfig. This password cannot be changed through the configuration page, posing a security risk.

Recommendations For Neet AirStream NAS version 1.1, consider changing the root account password manually or through alternative means, as the configuration page does not allow for this change. As a temporary workaround, restrict access to the root account to minimize the risk of exploitation.

Exploit

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2016-10862

Produtos afetados

Neet Airstream Nas

PT-2019-7658 · Neet · Neet Airstream Nas

CVE-2016-10862

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3