Vulnerabilities > CVE-2014-8656 - Credentials Management vulnerability in Compal Broadband Networks products

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

compal-broadband-networks

CWE-255

critical

exploit available

NVD

Published: 2014-11-06

Updated: 2014-11-06

Summary

The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Compal_Broadband_Networks Compal Broadband Networks Firmware Ch6640-3.5.11.7-Nosh	1
Hardware	Compal_Broadband_Networks Compal Broadband Networks Cg6640E Wireless Gateway 1.0 Compal Broadband Networks Ch664Oe Wireless Gateway 1.0	2

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Exploit-Db

description	CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities. CVE-2014-8655,CVE-2014-8657. Webapps exploit for hardware platform
file	exploits/hardware/webapps/35075.txt
id	EDB-ID:35075
last seen	2016-02-04
modified	2014-10-27
platform	hardware
port
published	2014-10-27
reporter	LiquidWorm
source	https://www.exploit-db.com/download/35075/
title	CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
type	webapps

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References