SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   PLANET Switch Vendors:   PLANET Technology Corp.
PLANET Switch Default Account Lets Remote Users Gain Administrative Access
SecurityTracker Alert ID:  1007924
SecurityTracker URL:  http://securitytracker.com/id/1007924
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 14 2003
Impact:   User access via network
Exploit Included:  Yes  
Version(s): Model WGSD-1020; Firmware version 3.08
Description:   A default account vulnerability was reported in the PLANET WGSD-1020 switch. A remote user can gain administrative access on the system.

Sergey Goncharov reported that there is an undocumented administrative account in the Planet WGSD-1020 switch. According to the report, the username 'superuser' and password 'planet' are visible in a configuration file. The account reportedly has maintenance level (i.e., administrator) permissions.

Firmware v.3.08 from 13.08.2003 is affected, according to the report.

Impact:   A remote user can access the system with administrative privileges.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.planet.com.tw/product/product_dm.php?product_id=18&menu_id=2 (Links to External Site)
Cause:   Configuration error

Message History:   None.


 Source Message Contents

Subject:  http://www.security.nnov.ru/search/document.asp?docid=5233


http://www.security.nnov.ru/search/document.asp?docid=5233

 > There is a backdoor acckint 'superuser' with 'planet' password.
 > Affected products:PLANET:Planet WGSD-1020
 > Original text: Sergey Goncharov, Planet WGSD-1020

SECURITY.NNOV posted a report by Sergey Goncharov regarding an undocumented account in the 
Planet WGSD-1020 switch.  According to the report, the username 'superuser' and password 
'planet' are visible in a configuration file.  The account reportedly has maintenance 
level (i.e., administrator) permissions.

Firmware v.3.08 from 13.08.2003 is affected.


Vendor URL:  http://www.planet.com.tw/product/product_dm.php?product_id=18&menu_id=2


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC