| VID |
29083 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The Web server has a default username/password combination. It has been reported that the firmware shipped with the X-Micro 11b Broadband Router has a built-in administrative account that cannot be disabled. The default account appears to be a backdoor and may give a remote attacker who knows of the account complete control over the device. The attacker could connect to an affected device through the Web administration interface to gain unauthorized access and make unauthorized changes to the device's configuration settings.
The following username and password work in every case, even if you set another password on the web interface:
In 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0: Username: super Password: super
In 1.6.0.1: Username: 1502 Password: 1502
* References:
  http://www.securityfocus.com/archive/1/360049
  http://www.securityfocus.com/archive/1/360538
* Platforms Affected:
  X-Micro WLAN 11b Broadband Router Firmware 1.2.2.4
  X-Micro WLAN 11b Broadband Router Firmware 1.2.2.3
  X-Micro WLAN 11b Broadband Router Firmware 1.2.2
  X-Micro WLAN 11b Broadband Router Firmware 1.6.0.1
  X-Micro WLAN 11b Broadband Router Firmware 1.6.0 |
| Recommendation |
If the account is not needed, disable or delete the account from the system.
If the account is required, change the default login and password to a value that is difficult to guess.
-- OR --
If the remote host is an X-Micro Wireless Broadband router, replace or upgrade to the fixed firmware (v1.2.2.4 or v1.6.0.1 dated 2004-04-14 or later), as available from the X-Micro download site at http://www.x-micro.com/bios.htm |
| Related URL |
(CVE) |
| Related URL |
10095 (SecurityFocus) |
| Related URL |
15829 (ISS) |
|