COVR 3902 1.01B0 Hardcoded Credentials

2020.09.07

Credit: CSW Research Lab

Risk: High

Local: No

Remote: Yes

CVE: CVE-2018-20432

CWE: CWE-798

CVSS Base Score: 10/10

Impact Subscore: 10/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Complete

Integrity impact: Complete

Availability impact: Complete

*Title*: Telnet Hardcoded Credentials
*Summary*: The latest versions of the firmware have hardcoded default
credentials that can be exploited by an unauthenticated attacker to gain
privileged access to the firmware and to extract sensitive data
*Affected Firmware:* COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0
*CVE:* CVE-2018-20432
*Proof of Concept: *
Step 1: “cat ./etc/init0.d/S80telnetd.sh” to get a username
Step 2: “cat ./etc/config/image_sign” to get a password.
Username: Alphanetworks
Password: wrgac61_dlink.2015_dir883
----------
Cheers !!!
Team CSW Research Lab <http://www.cybersecurityworks.com>

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

COVR 3902 1.01B0 Hardcoded Credentials

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.