MISC: Conexant Chipset DSL Router Default Login
This signature detects a default blank login to a DSL router based on the Conexant chipset. Attackers can supply a blank password on a secret port to modify the router settings.
Extended Description
The authentication mechanism used by the Conexant AccessRunner DSL Console can be bypassed. This could allow a remote user to access the device's configuration settings. ** The discoverer of this issue has reported that it may not be present in some devices. There is currently no known reason for why some devices are vulnerable while others are not. This record will be updated if and when further details become available.
Affected Products
Conexant accessrunner_dsl_console
Short Name
APP:CONEXANT-LOGIN
Severity
Minor
Recommended
False
Recommended Action
None
Category
APP
Keywords
CVE-2004-0680 Chipset Conexant DSL Default Login Router bid:8765
Release Date
10/27/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/254-255,9876
False Positive
Unknown
Vendors
Conexant
CVSS Score
10.0