CVE-2014-8656 - The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.

CVE-2014-8656

Summary

The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:compal_broadband_networks:firmware:ch6640-3.5.11.7-nosh:*:*:*:*:*:*:*
cpe:2.3:a:compal_broadband_networks:firmware:ch6640-3.5.11.7-nosh:*:*:*:*:*:*:*
cpe:2.3:h:compal_broadband_networks:cg6640e_wireless_gateway:1.0:*:*:*:*:*:*:*
cpe:2.3:h:compal_broadband_networks:cg6640e_wireless_gateway:1.0:*:*:*:*:*:*:*
cpe:2.3:h:compal_broadband_networks:ch664oe_wireless_gateway:1.0:*:*:*:*:*:*:*
cpe:2.3:h:compal_broadband_networks:ch664oe_wireless_gateway:1.0:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 06-11-2014 - 19:20)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

exploit-db	35075
misc	http://packetstormsecurity.com/files/128860/CBN-CH6640E-CG6640E-Wireless-Gateway-XSS-CSRF-DoS-Disclosure.html http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php
osvdb	113836

Last major update

06-11-2014 - 19:20

Published

06-11-2014 - 15:55

Last modified

06-11-2014 - 19:20