exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

DragonWave Horizon 1.01.03 Hardcoded Credentials

DragonWave Horizon 1.01.03 Hardcoded Credentials
Posted Apr 6, 2017
Authored by Ian Ling

DragonWave Horizon version 1.01.03 suffers from having hardcoded credentials embedded in the device.

tags | advisory
SHA-256 | 07fb435be21a3d69e7b704cc6f1844bf8bd4a0b4dcbf64c0fbf09ed42effb437

DragonWave Horizon 1.01.03 Hardcoded Credentials

Change Mirror Download
[+] Credits: Ian Ling
[+] Website: iancaling.com
[+] Source: http://blog.iancaling.com/post/159276197313

Vendor:
=================
http://www.dragonwaveinc.com/

Product:
======================
-DragonWave Horizon

Vulnerability Details:
=====================

DragonWave Horizon wireless radios have hard-coded login credentials meant
to allow the vendor to access the devices. These credentials can be used
via both Telnet and the web interface.

Vendor confirmed that this vulnerability is fixed in the latest software
version. It is unknown which version specifically contained the fix.

Affected versions:
-1.01.03
-Possibly others

Impact:
The remote attacker can view plaintext admin credentials, as well as make
configuration changes to the device.


Disclosure Timeline:
===================================
Vendor Notification: March 29, 2017
Vendor Response: March 30, 2017
Public Disclosure: April 6, 2017

Exploitation Technique:
=======================
Remote

Severity Level:
================
Critical


Login or Register to add favorites

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close