Vulnerability Description
A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Smc Networks | Smcd3G-Ccr | All versions |
| Smc Networks | Smcd3G-Ccr Firmware | <= 1.4.0.49 |
Related Weaknesses (CWE)
References
- http://seclists.org/bugtraq/2011/Feb/36
- http://secunia.com/advisories/43199
- http://securityreason.com/securityalert/8066
- http://www.exploit-db.com/exploits/16123/Exploit
- http://www.securityfocus.com/archive/1/516205/100/0/threaded
- http://www.securityfocus.com/bid/46215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65184
- https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt
- http://seclists.org/bugtraq/2011/Feb/36
- http://secunia.com/advisories/43199
- http://securityreason.com/securityalert/8066
- http://www.exploit-db.com/exploits/16123/Exploit
- http://www.securityfocus.com/archive/1/516205/100/0/threaded
- http://www.securityfocus.com/bid/46215
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65184
FAQ
What is CVE-2011-0885?
CVE-2011-0885 is a vulnerability with a CVSS score of 10.0 (HIGH). A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attack...
How severe is CVE-2011-0885?
CVE-2011-0885 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0885?
Check the references section above for vendor advisories and patch information. Affected products include: Smc Networks Smcd3G-Ccr, Smc Networks Smcd3G-Ccr Firmware.