Sitecom Devices Hard-coded Credentials Network Vulnerability

Summary

The remote Sitecom Device is prone to a hard-coded credentials bypass vulnerabillity

Impact

Attackers can exploit these issues to gain unauthorized access to the affected device and perform certain administrative actions. Impact Level: System

Solution

Updates are available.

Insight

A user can login to the Telnet service (with root privileges) using the hard-coded credential admin:1234. This administrative account is hard-coded and cannot be changed by a normal user.

Detection

Start a telnet session with the hard-coded credentials.

Severity

Classification

CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

OpenMediaVault Default Admin Credentials
Device42 DCIM Appliance Manager Default Credentials
Schneider Modicon M340 Default Credentials
IZON IP Cameras Hard-coded Credentials
Cisco Default Telnet Login

Sitecom Devices Hard-coded credentials

Take action and discover your vulnerabilities