PT-2013-1698 · Turck · Turck Bl20 Programmable Gateway+1

Rubén Santamarta

Published

2013-05-23

Updated

2013-06-24

CVE-2012-4697

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions TURCK BL20 Programmable Gateway (affected versions not specified) TURCK BL67 Programmable Gateway (affected versions not specified)

Description The issue allows remote attackers to obtain administrative access via an FTP session due to hardcoded accounts.

Recommendations For TURCK BL20 Programmable Gateway, change the hardcoded account credentials to unique and secure values. For TURCK BL67 Programmable Gateway, change the hardcoded account credentials to unique and secure values.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2012-4697

Affected Products

Turck Bl20 Programmable Gateway

Turck Bl67 Programmable Gateway

PT-2013-1698 · Turck · Turck Bl20 Programmable Gateway+1

CVE-2012-4697

Weakness Enumeration

Related Identifiers

Affected Products

References · 2