This host is running ZKSoftware WebServer and it has default admin credentials.
Successful exploitation will allow remote attacker to gain access to sensitive information or modify system configuration. Impact Level: Application
Change the default credentials.
It was possible to login with default credentials.
Send a crafted default admin credentials via HTTP POST request and check whether it is possible to login or not.
Updated on 2015-03-25
- Default password 'forgot' for account 'super'
- Multiple Barracuda Products Security Bypass and Backdoor Unauthorized Access Vulnerabilities
- CS121 UPS Default Admin Credentials
- ZTE ZXV10 W300 Wireless Router Hardcoded Credentials Security Bypass Vulnerability
- ZKSoftware WebServer Default Admin Credentials