Lucene search

K
cve[email protected]CVE-2015-2904
HistoryAug 23, 2015 - 9:59 p.m.

CVE-2015-2904

2015-08-2321:59:00
web.nvd.nist.gov
22
cve-2015-2904
actiontec gt784wn
firmware
hardcoded credentials
remote attack
root access
nvd

7 High

AI Score

Confidence

Low

8.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.7%

Actiontec GT784WN modems with firmware before NCS01-1.0.13 have hardcoded credentials, which makes it easier for remote attackers to obtain root access by connecting to the web administration interface.

Affected configurations

NVD
Node
actiontec_ncs01_firmwareRange1.0.12
AND
actiontecgt784wn_wireless_n_dsl_modemMatch-

7 High

AI Score

Confidence

Low

8.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

68.7%

Related for CVE-2015-2904