Vulnerabilities > CVE-2014-8656 - Credentials Management vulnerability in Compal Broadband Networks products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH have a default password of (1) admin for the admin account and (2) compalbn for the root account, which makes it easier for remote attackers to obtain access to certain sensitive information via unspecified vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Hardware | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities. CVE-2014-8655,CVE-2014-8657. Webapps exploit for hardware platform |
| file | exploits/hardware/webapps/35075.txt |
| id | EDB-ID:35075 |
| last seen | 2016-02-04 |
| modified | 2014-10-27 |
| platform | hardware |
| port | |
| published | 2014-10-27 |
| reporter | LiquidWorm |
| source | https://www.exploit-db.com/download/35075/ |
| title | CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities |
| type | webapps |
References
- http://osvdb.org/show/osvdb/113836
- http://osvdb.org/show/osvdb/113836
- http://packetstormsecurity.com/files/128860/CBN-CH6640E-CG6640E-Wireless-Gateway-XSS-CSRF-DoS-Disclosure.html
- http://packetstormsecurity.com/files/128860/CBN-CH6640E-CG6640E-Wireless-Gateway-XSS-CSRF-DoS-Disclosure.html
- http://www.exploit-db.com/exploits/35075
- http://www.exploit-db.com/exploits/35075
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php