This host is running ZKSoftware WebServer and it has default admin credentials.

Successful exploitation will allow remote attacker to gain access to sensitive information or modify system configuration. Impact Level: Application

Change the default credentials.

It was possible to login with default credentials.

ZKSoftware WebServer

Send a crafted default admin credentials via HTTP POST request and check whether it is possible to login or not.

• http://blog.infobytesec.com/2014/07/perverting-embedded-devices-zksoftware_2920.html

---

Updated on 2015-03-25