返回 CVE 浏览器

CVE-2011-0885

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1110%

EPSS Percentile28.52th

Published2011年2月8日

Last Modified2026年4月29日

Vulnerability Description

A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface.

Affected Platforms (CPE)

🔌

Smc Networks

Smcd3g Ccr

All versions

📦

Smc Networks

Smcd3g Ccr Firmware

<= 1.4.0.49

📦

Smc Networks

Smcd3g Ccr Firmware

= 1.4.0.42

References & Advisories

🔗 http://seclists.org/bugtraq/2011/Feb/36

🔗 http://secunia.com/advisories/43199

🔗 http://securityreason.com/securityalert/8066

🔗 http://www.exploit-db.com/exploits/16123/

🔗 http://www.securityfocus.com/archive/1/516205/100/0/threaded

🔗 http://www.securityfocus.com/bid/46215

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/65184

🔗 https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt

相关漏洞威胁

CVE-2011-08866.8

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the SMC SMCD3G-CCR (aka Comcast Business Gatewa...

CVE-2011-08874.3

The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable se...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...