Lucene search

CVE-2014-6617

🗓️ 09 Mar 2018 20:00:29Reported by mitreType

cve🔗 web.nvd.nist.gov👁 27 Views🌐 WEB

Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 has hardcoded root password, allowing remote admin access via TELNET

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2014-6617	9 Mar 201820:00	–	cvelist
securityvulns	CVE-2014-6617 Softing FG-100 Backdoor Account	10 Nov 201400:00	–	securityvulns
securityvulns	Softing FG-100 security vulnerabilities	10 Nov 201400:00	–	securityvulns
Prion	Hardcoded credentials	9 Mar 201820:29	–	prion
NVD	CVE-2014-6617	9 Mar 201820:29	–	nvd
Packet Storm	Softing FG-100 PB Hardcoded Backdoor	5 Nov 201400:00	–	packetstorm

Nvd

Node

industrial.softing fg-100_pb_profibus_firmwareMatchfg-x00-pb_v2.02.0.00

AND

industrial.softing fg-100_pb_profibusMatch-

Source	Link
securityfocus	www.securityfocus.com/archive/1/533902/100/0/threaded
packetstormsecurity	www.packetstormsecurity.com/files/128976/Softing-FG-100-PB-Hardcoded-Backdoor.html
securityfocus	www.securityfocus.com/bid/70927
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/98512
compass-security	www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2014-005_softring_backdoor_account.txt

Parameter	Position	Path	Description	CWE
root	path	/telnet	TELNET session allowing remote attackers to obtain administrative access using a hardcoded password.	CWE-798
password	path	/telnet	TELNET session allowing remote attackers to obtain administrative access using a hardcoded password.	CWE-798

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Mar 2018 20:29Current

9.3High risk

Vulners AI Score9.3

CVSS210

CVSS39.8

EPSS0.03383

CWE-798