Lucene search
K

6 matches found

NVD
NVD
added 2011/02/08 10:0 p.m.19 views

CVE-2011-0885

A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the 1 web interface or 2 TELNET interface...

10CVSS6.8AI score0.10069EPSS
Exploits6References8
NVD
NVD
added 2011/02/08 10:0 p.m.14 views

CVE-2011-0887

The web management portal on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie...

4.3CVSS6.6AI score0.04668EPSS
Exploits6References8
CVE
CVE
added 2011/02/08 9:0 p.m.50 views

CVE-2011-0885

The CVE-2011-0885 entry affects Comcast DOCSIS 3.0 Business Gateway (SMCD3G-CCR) prior to firmware 1.4.0.49.2. Trustwave’s TWSL2011-002 describes a default credential flaw: the admin login is “mso” with password “D0nt4g3tme,” enabling remote administrative access via web or TELNET. The advisory a...

10CVSS6.9AI score0.10069EPSS
Exploits6References8Affected Software2
CVE
CVE
added 2011/02/08 9:0 p.m.45 views

CVE-2011-0886

The CVE-2011-0886 entry refers to CSRF flaws in the Comcast DOCSIS 3.0 Business Gateway (SMCD3G-CCR) web interface prior to firmware 1.4.0.49.2. Vulnerabilities include: (1) login CSRF that can hijack intranet connectivity, (2) CSRF allowing remote admin activation via goform/RemoteRange, and (3)...

6.8CVSS7.4AI score0.02611EPSS
Exploits6References8Affected Software2
Cvelist
Cvelist
added 2011/02/08 9:0 p.m.28 views

CVE-2011-0885

A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the 1 web interface or 2 TELNET interface...

6.8AI score0.10069EPSS
Exploits6References8
CVE
CVE
added 2011/02/08 9:0 p.m.49 views

CVE-2011-0887

The CVE-2011-0887 entry refers to the Comcast DOCSIS 3.0 Business Gateway (SMCD3G-CCR) web management portal. Affected firmware prior to 1.4.0.49.2 uses a predictable session ID (“userid” cookie) derived from epoch time, enabling brute-forcing to hijack active sessions. Trustwave’s SpiderLabs adv...

4.3CVSS6.7AI score0.04668EPSS
Exploits6References8Affected Software2
Rows per page
Query Builder