Sunday Shodan defaults

Messing around with Shodan again, its addictive! Found some issues via the recent searches. I didn’t find these, just saw the searches already performed and verified the defaults using vendor web sites:

3com-officeconnect-vpn-firewall-default_pass
3com OfficeConnect VPN Firewall has a default password and is nice enough to tell you when you connect! Kind a defeats the purpose of a security device….

vmax-default
The VMAX Web Viewer (identify via “Server: Boa/0.94.13”) by Digital Watchdog has the manual online showing the default account of ‘admin’ has no password.

cudatel
The CudaTel Communications Server has a default account of ‘admin’ and a default password of ‘admin’.

zywall5-1
zywall5-2
ZyWall Firewalls have a default password of ‘1234’ for the Web Configurator. Even if the password is changed, the system sends the default in the first login connection.

While verifying that default i saw the MultiTech RouteFinder Internet Security Appliance (model RF850 and RF860 and probably more) have a default account of ‘admin’ and default password of ‘admin’.

The SonicWall TZ Series firewalls have a default account of ‘admin’ and a default password of ‘password’.

Advertisements

Tags: ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: