9.3

CVE-2014-0329

EPSS 25.02%
Veröffentlicht 04.02.2014 05:39:08
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Zte ≫ Zxv10 W300 Version2.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	25.02%	0.96

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://blog.alguien.at/2014/02/hackeando-el-router-zte-zxv10-w300-v21.html

http://osvdb.org/102816

http://packetstormsecurity.com/files/125142/ZTE-ZXV10-W300-Hardcoded-Credentials.html

http://www.kb.cert.org/vuls/id/228886

US Government Resource

http://www.securityfocus.com/bid/65310

https://exchange.xforce.ibmcloud.com/vulnerabilities/90958

https://nvd.nist.gov/vuln/detail/CVE-2014-0329

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0329

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0329

EUVD