Test ID:	1.3.6.1.4.1.25623.1.0.103239
Category:	Brute force attacks
Title:	SSH Brute Force Logins With Default Credentials Reporting
Summary:	It was possible to login into the remote SSH server using; default credentials.
Description:	Summary: It was possible to login into the remote SSH server using default credentials. Vulnerability Insight: As the VT 'SSH Brute Force Logins With Default Credentials' (OID: 1.3.6.1.4.1.25623.1.0.108013) might run into a timeout the actual reporting of this vulnerability takes place in this VT instead. Vulnerability Impact: This issue may be exploited by a remote attacker to e.g. gain access to sensitive information or modify system configuration. Affected Software/OS: The following products are known to use the default credentials checked by the VT 'SSH Brute Force Logins With Default Credentials' (OID: 1.3.6.1.4.1.25623.1.0.108013) used for this reporting: - CVE-2017-16523: MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices - CVE-2020-29583: Zyxel Firewall / AP Controller - CVE-2020-9473: S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 - CVE-2023-1944: minikube 1.29.0 and probably prior - CVE-2024-22902: Vinchin Backup & Recovery - CVE-2024-31970: AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1) during a window of time when the device is being set up - CVE-2024-46328: VONETS VAP11G-300 v3.3.23.6.9 - Various additional products like e.g. Ubiquiti EdgeMax / EdgeRouter, Crestron AM-100 and similar for which no CVE was assigned (See 'default_credentials.inc' file on the file system for a full list) Other products might be affected as well. Solution: Change the password as soon as possible. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-1999-0501 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0501 Common Vulnerability Exposure (CVE) ID: CVE-1999-0502 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502 Common Vulnerability Exposure (CVE) ID: CVE-1999-0507 https://www.cve.org/CVERecord?id=CVE-1999-0507 Common Vulnerability Exposure (CVE) ID: CVE-1999-0508 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0508 Common Vulnerability Exposure (CVE) ID: CVE-2005-1379 BugTraq ID: 13431 http://www.securityfocus.com/bid/13431 Bugtraq: 20050428 insecure user account lam-runtime-7.0.6-2mdk rpm (Google Search) http://marc.info/?l=bugtraq&m=111472262231060&w=2 Common Vulnerability Exposure (CVE) ID: CVE-2006-5288 BugTraq ID: 20490 http://www.securityfocus.com/bid/20490 Cisco Security Advisory: 20061012 Default Password in Wireless Location Appliance http://www.cisco.com/en/US/products/products_security_advisory09186a0080758bae.shtml http://www.osvdb.org/30913 http://securitytracker.com/id?1017056 XForce ISS Database: cisco-location-appliance-default-password(29497) https://exchange.xforce.ibmcloud.com/vulnerabilities/29497 Common Vulnerability Exposure (CVE) ID: CVE-2009-3710 http://packetstormsecurity.org/0910-exploits/riorey-passwd.txt http://osvdb.org/58858 http://secunia.com/advisories/36971 Common Vulnerability Exposure (CVE) ID: CVE-2012-4577 BugTraq ID: 55196 http://www.securityfocus.com/bid/55196 http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02 http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02 http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity XForce ISS Database: jetport-default-password(77992) https://exchange.xforce.ibmcloud.com/vulnerabilities/77992 Common Vulnerability Exposure (CVE) ID: CVE-2016-1000245 Common Vulnerability Exposure (CVE) ID: CVE-2017-16523 BugTraq ID: 101672 http://www.securityfocus.com/bid/101672 https://www.exploit-db.com/exploits/43061/ https://packetstormsecurity.com/files/144805/MitraStar-DSL-100HN-T1-GPT-2541GNAC-Privilege-Escalation.html Common Vulnerability Exposure (CVE) ID: CVE-2020-29583 https://businessforum.zyxel.com/discussion/5252/zld-v4-60-revoke-and-wk48-firmware-release https://businessforum.zyxel.com/discussion/5254/whats-new-for-zld4-60-patch-1-available-on-dec-15 https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html https://www.secpod.com/blog/a-secret-zyxel-firewall-and-ap-controllers-could-allow-for-administrative-access-cve-2020-29583/ https://www.zyxel.com/support/security_advisories.shtml Common Vulnerability Exposure (CVE) ID: CVE-2020-9473 https://research.hisolutions.com/2020/04/open-the-gates-insecurity-of-cloudless-smart-door-systems/ Common Vulnerability Exposure (CVE) ID: CVE-2023-1944 https://github.com/kubernetes/minikube Common Vulnerability Exposure (CVE) ID: CVE-2024-22902 http://default.com http://vinchin.com https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/ https://seclists.org/fulldisclosure/2024/Jan/31 Common Vulnerability Exposure (CVE) ID: CVE-2024-31970 Common Vulnerability Exposure (CVE) ID: CVE-2024-46328
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.