PT-2019-11873 · Glory · Glory Rbw-100

Published

2019-04-05

Updated

2019-04-09

CVE-2019-10479

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Glory RBW-100 version 7.0.0

Description A hard-coded username and password were found, allowing a remote attacker to gain admin access to the Front Circle Controller web interface.

Recommendations For version 7.0.0, consider changing the hard-coded username and password to unique, secure credentials to prevent unauthorized access. As a temporary workaround, restrict access to the Front Circle Controller web interface until a patch is available.

Exploit

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2019-10479

Affected Products

Glory Rbw-100

PT-2019-11873 · Glory · Glory Rbw-100

CVE-2019-10479

Weakness Enumeration

Related Identifiers

Affected Products

References · 3