A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers to log in via SSH and escalate privileges to root access with the same credentials.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/144259/DlxSpot-Hardcoded-Password.html | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-09-21T16:00:00
Updated: 2017-09-21T15:57:01
Reserved: 2017-08-17T00:00:00
Link: CVE-2017-12928
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-09-21T16:29:00.207
Modified: 2017-09-29T13:52:57.427
Link: CVE-2017-12928
JSON object: View
Redhat Information
No data.
CWE