6 matches found
ZTE ZXV10 W300 Wireless Router Hard-coded Password
Nessus was able to login to the remote device using a known hard-coded password prepended with a portion of the device's MAC address obtained from an SNMP request for the admin account. Attackers can exploit this vulnerability to gain full control of the device. TRUSTED...
ZTE ZXV10 W300 Router信任管理漏洞
CVE ID:CVE-2014-0329 ZTE ZXV10 W300 Router是中国中兴通讯(ZTE)公司的一款无线路由器产品。 ZTE ZXV10 W300路由器2.1.0版本上的TELNET服务中存在安全漏洞,该漏洞源于程序安装使用默认的硬编码凭证,将admin帐户密码‘XXXXairocon’中的前四位设置为MAC地址后四位。远程攻击者可通过已知的密码利用该漏洞获取管理访问权限。 0 ZTE ZXV10 W300 Router 厂商补丁: ZTE ----- 目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:...
ZTE ZXV10 W300 Router - Hard-Coded Credentials
ZTE ZXV10 W300 Router - Hard-Coded Credentials Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm"...
ZTE ZXV10 W300 Hardcoded Credentials
Exploit Title: ZTE ZXV10 W300 router contains hardcoded credentials Date: 03 Feb 2014 Exploit Author: Cesar Neira Vendor Homepage: http://wwwen.zte.com.cn/ Version: ZTE ZXV10 W300 v2.1 CVE : CVE-2014-0329 Dork Shodan: Basic realm="index.htm" References:...
CVE-2014-0329
The CVE-2014-0329 issue affects ZTE ZXV10 W300 router (v2.1.0) where the TELNET service exposes a hard-coded admin password ending in “airocon,” with the first four characters derived from the device MAC. Remote attackers can gain administrator access using this credential, as documented in multi...
ZTE ZXV10 W300 router contains hardcoded credentials
Overview ZTE ZXV10 W300 router version 2.1.0, and possibly earlier versions, contains hardcoded credentials. CWE-798 Description ZTE ZXV10 W300 router contains hardcoded credentials that are useable for the telnet service on the device. The username is "admin" and the password is "XXXXairocon"...