CVE-2015-2909
Summary
| CVE | CVE-2015-2909 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-02-06 15:15:00 UTC |
| Updated | 2020-02-12 21:34:00 UTC |
| Description | Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states "The user is presented with clear warnings on the GUI that they should set usernames and passwords." |
Risk And Classification
Problem Types: CWE-269
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netvu | Ds2 Dvtr | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtr Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtu | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtu Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtx | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtx Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtx Netvu Connected | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtx Netvu Connected Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 M2ip | - | All | All | All |
| Operating System | Netvu | Ds2 M2ip Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtr | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtr | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtr Firmware | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtr Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtu | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtu | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtu Firmware | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtu Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtx | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtx | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtx Firmware | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtx Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtx Netvu Connected | - | All | All | All |
| Hardware | Netvu | Ds2 Dvtx Netvu Connected | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtx Netvu Connected Firmware | - | All | All | All |
| Operating System | Netvu | Ds2 Dvtx Netvu Connected Firmware | - | All | All | All |
| Hardware | Netvu | Ds2 M2ip | - | All | All | All |
| Hardware | Netvu | Ds2 M2ip | - | All | All | All |
| Operating System | Netvu | Ds2 M2ip Firmware | - | All | All | All |
| Operating System | Netvu | Ds2 M2ip Firmware | - | All | All | All |
| Hardware | Netvu | Dv-ip Express | - | All | All | All |
| Hardware | Netvu | Dv-ip Express | - | All | All | All |
| Operating System | Netvu | Dv-ip Express Firmware | - | All | All | All |
| Operating System | Netvu | Dv-ip Express Firmware | - | All | All | All |
| Hardware | Netvu | Ecosense 4/8/16 M4t | - | All | All | All |
| Operating System | Netvu | Ecosense 4/8/16 M4t Firmware | - | All | All | All |
| Hardware | Netvu | Ecosense 4/8/16 M4t | - | All | All | All |
| Hardware | Netvu | Ecosense 4/8/16 M4t | - | All | All | All |
| Operating System | Netvu | Ecosense 4/8/16 M4t Firmware | - | All | All | All |
| Operating System | Netvu | Ecosense 4/8/16 M4t Firmware | - | All | All | All |
| Hardware | Netvu | Sd-advanced - Sdhd | All | All | All | All |
| Hardware | Netvu | Sd-advanced - Sdhd | All | All | All | All |
| Operating System | Netvu | Sd-advanced - Sdhd Firmware | - | All | All | All |
| Operating System | Netvu | Sd-advanced - Sdhd Firmware | - | All | All | All |
| Hardware | Netvu | Sd-advanced 8/12/16 Vga | - | All | All | All |
| Operating System | Netvu | Sd-advanced 8/12/16 Vga Firmware | - | All | All | All |
| Hardware | Netvu | Sd-advanced 8/12/16 Vga | - | All | All | All |
| Hardware | Netvu | Sd-advanced 8/12/16 Vga | - | All | All | All |
| Operating System | Netvu | Sd-advanced 8/12/16 Vga Firmware | - | All | All | All |
| Operating System | Netvu | Sd-advanced 8/12/16 Vga Firmware | - | All | All | All |
| Hardware | Netvu | Sd 32 M3g | - | All | All | All |
| Operating System | Netvu | Sd 32 M3g Firmware | - | All | All | All |
| Hardware | Netvu | Sd 32 M3h | - | All | All | All |
| Operating System | Netvu | Sd 32 M3h Firmware | - | All | All | All |
| Hardware | Netvu | Sd 32 M3g | - | All | All | All |
| Hardware | Netvu | Sd 32 M3g | - | All | All | All |
| Operating System | Netvu | Sd 32 M3g Firmware | - | All | All | All |
| Operating System | Netvu | Sd 32 M3g Firmware | - | All | All | All |
| Hardware | Netvu | Sd 32 M3h | - | All | All | All |
| Hardware | Netvu | Sd 32 M3h | - | All | All | All |
| Operating System | Netvu | Sd 32 M3h Firmware | - | All | All | All |
| Operating System | Netvu | Sd 32 M3h Firmware | - | All | All | All |
| Hardware | Netvu | Sd 4 M3s | - | All | All | All |
| Operating System | Netvu | Sd 4 M3s Firmware | - | All | All | All |
| Hardware | Netvu | Sd 4 M3t | - | All | All | All |
| Operating System | Netvu | Sd 4 M3t Firmware | - | All | All | All |
| Hardware | Netvu | Sd 4 M3s | - | All | All | All |
| Hardware | Netvu | Sd 4 M3s | - | All | All | All |
| Operating System | Netvu | Sd 4 M3s Firmware | - | All | All | All |
| Operating System | Netvu | Sd 4 M3s Firmware | - | All | All | All |
| Hardware | Netvu | Sd 4 M3t | - | All | All | All |
| Hardware | Netvu | Sd 4 M3t | - | All | All | All |
| Operating System | Netvu | Sd 4 M3t Firmware | - | All | All | All |
| Operating System | Netvu | Sd 4 M3t Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/12/16 No Kbd M3r | - | All | All | All |
| Operating System | Netvu | Sd 8/12/16 No Kbd M3r Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/12/16 No Kbd M3s | - | All | All | All |
| Operating System | Netvu | Sd 8/12/16 No Kbd M3s Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/16 Front Panel Kbd M3r | - | All | All | All |
| Operating System | Netvu | Sd 8/16 Front Panel Kbd M3r Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/16 Front Panel Kbd M3u | - | All | All | All |
| Operating System | Netvu | Sd 8/16 Front Panel Kbd M3u Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/12/16 No Kbd M3r | - | All | All | All |
| Hardware | Netvu | Sd 8/12/16 No Kbd M3r | - | All | All | All |
| Operating System | Netvu | Sd 8/12/16 No Kbd M3r Firmware | - | All | All | All |
| Operating System | Netvu | Sd 8/12/16 No Kbd M3r Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/12/16 No Kbd M3s | - | All | All | All |
| Hardware | Netvu | Sd 8/12/16 No Kbd M3s | - | All | All | All |
| Operating System | Netvu | Sd 8/12/16 No Kbd M3s Firmware | - | All | All | All |
| Operating System | Netvu | Sd 8/12/16 No Kbd M3s Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/16 Front Panel Kbd M3r | - | All | All | All |
| Hardware | Netvu | Sd 8/16 Front Panel Kbd M3r | - | All | All | All |
| Operating System | Netvu | Sd 8/16 Front Panel Kbd M3r Firmware | - | All | All | All |
| Operating System | Netvu | Sd 8/16 Front Panel Kbd M3r Firmware | - | All | All | All |
| Hardware | Netvu | Sd 8/16 Front Panel Kbd M3u | - | All | All | All |
| Hardware | Netvu | Sd 8/16 Front Panel Kbd M3u | - | All | All | All |
| Operating System | Netvu | Sd 8/16 Front Panel Kbd M3u Firmware | - | All | All | All |
| Operating System | Netvu | Sd 8/16 Front Panel Kbd M3u Firmware | - | All | All | All |
| Hardware | Netvu | Sd Advanced Closed Iptv M3u | - | All | All | All |
| Operating System | Netvu | Sd Advanced Closed Iptv M3u Firmware | - | All | All | All |
| Hardware | Netvu | Sd Advanced Closed Iptv M3u | - | All | All | All |
| Hardware | Netvu | Sd Advanced Closed Iptv M3u | - | All | All | All |
| Operating System | Netvu | Sd Advanced Closed Iptv M3u Firmware | - | All | All | All |
| Operating System | Netvu | Sd Advanced Closed Iptv M3u Firmware | - | All | All | All |
| Hardware | Netvu | Sd Advanced Non Closed Iptv M3u | - | All | All | All |
| Operating System | Netvu | Sd Advanced Non Closed Iptv M3u Firmware | - | All | All | All |
| Hardware | Netvu | Sd Advanced Non Closed Iptv M3u | - | All | All | All |
| Hardware | Netvu | Sd Advanced Non Closed Iptv M3u | - | All | All | All |
| Operating System | Netvu | Sd Advanced Non Closed Iptv M3u Firmware | - | All | All | All |
| Operating System | Netvu | Sd Advanced Non Closed Iptv M3u Firmware | - | All | All | All |
| Hardware | Netvu | Sd Advanced Nvr | - | All | All | All |
| Hardware | Netvu | Sd Advanced Nvr | - | All | All | All |
| Operating System | Netvu | Sd Advanced Nvr Firmware | - | All | All | All |
| Operating System | Netvu | Sd Advanced Nvr Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Vulnerability Note VU#276148 - Dedicated Micros DVR products use plaintext protocols and require no password by default | MISC | www.kb.cert.org | Third Party Advisory, US Government Resource |
| » Interesting Shodan searches: Dedicated Micros DVRs | MISC | cybergibbons.com | Exploit, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.