Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0885

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-0885
Last Modified 21 Sep 2011 11:29:05
Published 08 Feb 2011 05:00:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-0885

Summary

A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface.

Vulnerable Systems

Application

  • Smc Networks Smcd3g-ccr Firmware 1.4.0.42

  • Smc Networks Smcd3g-ccr Firmware 1.4.0.49


References

MISC - https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt

XF - smcd3gccr-default-password(65184)

BID - 46215

BUGTRAQ - 20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)

EXPLOIT-DB - 16123

SREASON - 8066

SECUNIA - 43199

BUGTRAQ - 20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)


Last Updated: 27 May 2016 10:56:06