Vulners
Lucene search
DlxSpot Hardcoded Password
🗓️ 19 Sep 2017 00:00:00Reported by Simon BrannstromType 
packetstorm🔗 packetstormsecurity.com👁 49 Views
| Reporter | Title | Published | Views | Family All 30 |
|---|---|---|---|---|
 | Tecnovision DLX Spot - SSH Backdoor Vulnerability | 19 Sep 201700:00 | – | zdt |
| Tecnovision DLX Spot - Authentication Bypass Vulnerability | 19 Sep 201700:00 | – | zdt |
| Tecnovision DLX Spot - Arbitrary File Upload Vulnerability | 19 Sep 201700:00 | – | zdt |
 | TecnoVISION DLX Spot Player4 Elevation of Privilege Vulnerability | 22 Sep 201700:00 | – | cnvd |
| TecnoVISION DLX Spot Player4 Arbitrary File Upload Vulnerability | 22 Sep 201700:00 | – | cnvd |
| TecnoVISION DLX Spot Player4 SQL Injection Vulnerability | 22 Sep 201700:00 | – | cnvd |
 | CVE-2017-12928 | 21 Sep 201716:00 | – | cve |
| CVE-2017-12929 | 21 Sep 201716:00 | – | cve |
| CVE-2017-12930 | 21 Sep 201716:00 | – | cve |
 | CVE-2017-12928 | 21 Sep 201716:00 | – | cvelist |
10
`# Exploit Title: DlxSpot - Player4 LED video wall - Hardcoded Root SSH
Password.
# Google Dork: "DlxSpot - Player4"
# Date: 2017-05-14
# Discoverer: Simon Brannstrom
# Authors Website: https://unknownpwn.github.io/
# Vendor Homepage: http://www.tecnovision.com/
# Software Link: n/a
# Version: All known versions
# Tested on: Linux
# About: DlxSpot is the software controlling Tecnovision LED Video Walls
all over the world, they are used in football arenas, concert halls,
shopping malls, as roadsigns etc.
# CVE: CVE-2017-12928
# Linked CVE's: CVE-2017-12929, CVE-2017-12930
# Visit my github page at
https://github.com/unknownpwn/unknownpwn.github.io/blob/master/README.md
for complete takeover of the box, from SQLi to root access.
###############################################################################################################################
Hardcoded password for all dlxspot players, login with the following
credentials via SSH
username: dlxuser
password: tecn0visi0n
Escalate to root with the same password.
TIMELINE:
2017-05-14 - Discovery of vulnerabilities.
2017-05-15 - Contacted Tecnovision through contact form on manufacturer
homepage.
2017-06-01 - No response, tried contacting again through several contact
forms on homepage.
2017-08-10 - Contacted Common Vulnerabilities and Exposures (CVE)
requesting CVE assignment.
2017-08-17 - Three CVE's assigned for the vulnerabilities found.
2017-08-22 - With help from fellow hacker and friend, byt3bl33d3r, sent an
email in Italian to the company.
2017-09-18 - No response, full public disclosure.
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
19 Sep 2017 00:00Current
0.1Low risk
Vulners AI Score0.1
EPSS0.03913