mirror of
https://github.com/0xMarcio/cve.git
synced 2026-04-12 05:08:32 +02:00
816 B
816 B
CVE-2017-12574
Description
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows attackers to gain unauthorized access and control the device completely; the account can't be modified or deleted.
POC
Reference
Github
No PoCs found on GitHub currently.