Test ID:	1.3.6.1.4.1.25623.1.0.810980
Category:	Default Accounts
Title:	Technicolor DPC3928SL Authentication Bypass Vulnerability (SNMP)
Summary:	Technicolor DPC3928SL devices are prone to an SNMP; authentication bypass vulnerability.
Description:	Summary: Technicolor DPC3928SL devices are prone to an SNMP authentication bypass vulnerability. Vulnerability Insight: The flaw is due to the value placed in the community string field is not handled properly by the snmp agent in different devices (usually cable modems). Vulnerability Impact: Successful exploitation will allow remote attacker to bypass certain security restrictions and perform unauthorized actions like write in the MIB etc. Affected Software/OS: Technicolor DPC3928SL firmware version D3928SL-P15-13-A386-c3420r55105-160127a is vulnerable, other devices are also affected. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5135 BugTraq ID: 98092 http://www.securityfocus.com/bid/98092 https://stringbleed.github.io/ https://www.reddit.com/r/netsec/comments/67qt6u/cve_20175135_snmp_authentication_bypass/
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.