The remote 3Com OfficeConnect VPN Firewall is prone to a default account authentication bypass vulnerability. This issue may be exploited by a remote attacker to gain access to sensitive information or modify system configuration. It was possible to login as Admin with password 'admin'.
Change the password.
- ArticleFR CMS Multiple Vulnerabilities - Jan15
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Allegro RomPager `Misfortune Cookie` Vulnerability
- Apache Struts ClassLoader Manipulation Vulnerabilities
- Atmail Multiple Unspecified Security Vulnerabilities.