Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2025/10/16 1:41 a.m.15 views

CVE-2017-20204

DBLTek GoIP devices models GoIP 1, 4, 8, 16, and 32 contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme which is fundamentally flawed. Because the challenge response ca...

9.3CVSS7.9AI score0.00847EPSS
Exploits0References1
OSV
OSV
added 2025/10/15 2:15 a.m.2 views

CVE-2017-20204

DBLTek GoIP devices models GoIP 1, 4, 8, 16, and 32 contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme which is fundamentally flawed. Because the challenge response ca...

9.3CVSS6.1AI score0.00847EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/15 1:20 a.m.6 views

CVE-2017-20204 DBLTek GoIP Telnet Admin Interface Undocumented Backdoor

DBLTek GoIP devices models GoIP 1, 4, 8, 16, and 32 contain an undocumented vendor backdoor in the Telnet administrative interface that allows remote authentication as an undocumented user via a proprietary challenge–response scheme which is fundamentally flawed. Because the challenge response ca...

9.3CVSS7.6AI score0.00847EPSS
Exploits0References4
CVE
CVE
added 2025/10/15 1:20 a.m.14 views

CVE-2017-20204

CVE-2017-20204 affects DBLTek GoIP voice gateway devices (GoIP 1, 4, 8, 16, 32). The Telnet admin interface contains an undocumented vendor backdoor that enables remote authentication as an undocumented user via a flawed challenge–response scheme. Because the challenge can be derived from itself,...

9.3CVSS7.6AI score0.00847EPSS
Exploits0References4
0day.today
0day.today
added 2019/02/18 12:0 a.m.47 views

DASAN H665 Backdoor Account Vulnerability

DASAN H665 has a vendor backdoor built into BusyBox /bin/login that provides remote root access with no password. DASAN H665 has vendor backdoor built into BusyBox /bin/login. Account named "dnsekakf2$$" gives access to admin uid 0 account over telnet without any password, at least for...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2019/02/17 12:0 a.m.83 views

DASAN H665 Backdoor Account

Hi! DASAN H665 has vendor backdoor built into BusyBox /bin/login. Account named "dnsekakf2$$" gives access to admin uid 0 account over telnet without any password, at least for administration interface documented in H665 Quick Guide subnet 192.168.55.0/24 on LAN interface. $ telnet 192.168.55.1...

0.5AI score
Exploits0
CNVD
CNVD
added 2018/07/03 12:0 a.m.3 views

Unspecified Vulnerability in ECOS Secure Boot Stick

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5 that stems from an undocumented vendor backdoor in the...

10CVSS9.2AI score0.01535EPSS
Exploits0References1
CNVD
CNVD
added 2018/07/03 12:0 a.m.2 views

Unspecified Vulnerability in ECOS System Management Appliance

ECOS System Management Appliance a.k.a. SMA is a virtual appliance from ECOS TECHNOLOGY, Germany, for centralized management of ECOS products, which is capable of running on VMware, Crtrix XenServer, and Hyper-V. A security vulnerability exists in ECOS SMA version 5.2.68 that stems from an...

10CVSS6.7AI score0.01535EPSS
Exploits0References1
OSV
OSV
added 2017/04/11 3:59 p.m.2 views

CVE-2017-7462

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory...

9.8CVSS5.8AI score0.12749EPSS
Exploits4References1
NVD
NVD
added 2017/04/11 3:59 p.m.14 views

CVE-2017-7462

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory...

9.8CVSS9.4AI score0.12749EPSS
Exploits4References1
CVE
CVE
added 2017/04/11 3:0 p.m.64 views

CVE-2017-7462

The CVE-2017-7462 entry corresponds to the Intellinet NFC-30ir IP Camera vulnerability where a vendor backdoor allows remote access to a vendor-supplied CGI script in the web directory. Connected sources (CNVD-2017-05506, NVD/CVE-2017-7462, and Exploit-DB entry 41829) corroborate a remote, unauth...

9.8CVSS9.3AI score0.12749EPSS
Exploits4References1Affected Software1
Cvelist
Cvelist
added 2017/04/11 3:0 p.m.22 views

CVE-2017-7462

Intellinet NFC-30ir IP Camera has a vendor backdoor that can allow a remote attacker access to a vendor-supplied CGI script in the web directory...

9.4AI score0.12749EPSS
Exploits4References1
seebug.org
seebug.org
added 2017/03/16 12:0 a.m.49 views

Undocumented Backdoor Account in DBLTek GoIP

Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in the authentication procedure. The Telnet...

7.4AI score
Exploits0
Rows per page
Query Builder