Описание
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:netwin:webnews:1.1h:*:*:*:*:*:*:*
cpe:2.3:a:netwin:webnews:1.1i:*:*:*:*:*:*:*
cpe:2.3:a:netwin:webnews:1.1j:*:*:*:*:*:*:*
cpe:2.3:a:netwin:webnews:1.1k:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00846
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
EPSS
Процентиль: 74%
0.00846
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other