| ID |
CVE-2011-0885
|
| Summary |
A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:h:smc_networks:smcd3g-ccr:*:*:*:*:*:*:*:*
cpe:2.3:h:smc_networks:smcd3g-ccr:*:*:*:*:*:*:*:*
-
cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:1.4.0.42:*:*:*:*:*:*:*
cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:1.4.0.42:*:*:*:*:*:*:*
-
cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:*:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 09-10-2018 - 19:29) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-255 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 46215 | | bugtraq | - 20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)
- 20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)
| | exploit-db | 16123 | | misc | https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt | | secunia | 43199 | | sreason | 8066 | | xf | smcd3gccr-default-password(65184) |
|
| Last major update |
09-10-2018 - 19:29 |
| Published |
08-02-2011 - 22:00 |
| Last modified |
09-10-2018 - 19:29 |
