An issue exists in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
infiray iray-a8z3_firmware 1.0.957 |