CVE-2018-10024

CVE-2018-10024

ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs. The file can be reached via an HTTP request. The credentials can be used to access the system via SSH (or TELNET if it is enabled).

Source: CVE-2018-10024

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다