Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

COVR 3902 1.01B0 Hardcoded Credentials

Related Vulnerabilities: CVE-2018-20432  
Publish Date: 02 Sep 2020
Author: CSW Research Lab
Source 
                							

                *Title*: Telnet Hardcoded Credentials

*Summary*:  The latest versions of the firmware have hardcoded default
credentials that can be exploited by an unauthenticated attacker to gain
privileged access to the firmware and to extract sensitive data

*Affected Firmware:*  COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0

*CVE:* CVE-2018-20432

*Proof of Concept: *
Step 1: “cat ./etc/init0.d/S80telnetd.sh” to get a username
Step 2:  “cat ./etc/config/image_sign” to get a password.

Username: Alphanetworks
Password: wrgac61_dlink.2015_dir883

----------
Cheers !!!
Team CSW Research Lab <http://www.cybersecurityworks.com>


<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started