Short Name |
APP:CONEXANT-LOGIN |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
APP |
Keywords |
Conexant Chipset DSL Router Default Login |
Release Date |
2004/10/27 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects a default blank login to a DSL router based on the Conexant chipset. Attackers can supply a blank password on a secret port to modify the router settings.
The authentication mechanism used by the Conexant AccessRunner DSL Console can be bypassed. This could allow a remote user to access the device's configuration settings. ** The discoverer of this issue has reported that it may not be present in some devices. There is currently no known reason for why some devices are vulnerable while others are not. This record will be updated if and when further details become available.