exploit the possibilities

Programi Bilanc Build 007 Release 014 31.01.2020 Weak Default Password

Programi Bilanc Build 007 Release 014 31.01.2020 Weak Default Password
Posted Dec 18, 2020
Authored by Georg Ph E Heise

Programi Bilanc build 007 release 014 31.01.2020 uses a weak default password.

tags | advisory
advisories | CVE-2020-11720
MD5 | 58fc04489ea61effe668394ab75d4480

Programi Bilanc Build 007 Release 014 31.01.2020 Weak Default Password

Change Mirror Download
Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default Password

===============================================================================

Identifiers

-------------------------------------------------

CVE-2020-11720

Vendor

-------------------------------------------------

Balanc Shpk (https://bilanc.com)

Product

-------------------------------------------------

Programi Bilanc

Affected versions

-------------------------------------------------

Programi Bilanc - Build 007 Release 014 31.01.2020 and possibly below

Credit

-------------------------------------------------

Georg Ph E Heise (@gpheheise) / Lufthansa Industry Solutions (@LHIND_DLH)

Vulnerability summary

-------------------------------------------------

The installation sets up admin accounts with weak default credentials

Technical details

------------------------------------------------

During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password.

Proof of concept

-------------------------------------------------

Withheld

Solution

-------------------------------------------------

Don’t use the software in its current version & contact vendor for a solution

Timeline

-------------------------------------------------

Date| Status

------------|-----------------------------

01–APR-2020 | Reported to vendor

30-JUN-2020 | End of 90 Days Full Disclosure Time

17-DEZ-2020 | Full disclosure


Login or Register to add favorites

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    9 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close