Multiple 360 Systems Devices Hardcoded Password Security Bypass Vulnerability
BID:58338
Info
Multiple 360 Systems Devices Hardcoded Password Security Bypass Vulnerability
| Bugtraq ID: | 58338 |
| Class: | Design Error |
| CVE: |
CVE-2012-4702 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 06 2013 12:00AM |
| Updated: | Mar 06 2013 12:00AM |
| Credit: | Neil Smith and Ryan Green |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Multiple 360 Systems Devices Hardcoded Password Security Bypass Vulnerability
Multiple 360 Systems devices including Image Server 2000, Image Server Maxx, and Maxx are prone to a security-bypass vulnerability caused by a hard-coded password.
Successful attacks can allow a remote attacker to gain unauthorized root access to the vulnerable devices.
Multiple 360 Systems devices including Image Server 2000, Image Server Maxx, and Maxx are prone to a security-bypass vulnerability caused by a hard-coded password.
Successful attacks can allow a remote attacker to gain unauthorized root access to the vulnerable devices.
Exploit / POC
Multiple 360 Systems Devices Hardcoded Password Security Bypass Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at:[email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at:[email protected].
Solution / Fix
Multiple 360 Systems Devices Hardcoded Password Security Bypass Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Multiple 360 Systems Devices Hardcoded Password Security Bypass Vulnerability
References:
References: