exploitDog

CVE-2009-3710

Опубликовано: 16 окт. 2009

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote attackers to gain privileges via port 8022.

Ссылки

http://osvdb.org/58858
http://packetstormsecurity.org/0910-exploits/riorey-passwd.txt
Exploit
http://secunia.com/advisories/36971
Vendor Advisory
http://osvdb.org/58858
http://packetstormsecurity.org/0910-exploits/riorey-passwd.txt
Exploit
http://secunia.com/advisories/36971
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:riorey:rios:4.6.6:*:*:*:*:*:*:*

cpe:2.3:h:riorey:rios:4.7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02776

Низкий

10 Critical

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-jgv9-qp9j-c2cr

github

почти 4 года назад

RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote attackers to gain privileges via port 8022.

EPSS

Процентиль: 86%

0.02776

Низкий

10 Critical

CVSS2

Дефекты

CWE-255