vendor:
Accton-based Switches
by:
Edwin Eefting, Erik Smit and Erwin Drent
7,5
CVSS
HIGH
Backdoor Password
798
CWE
Product Name: Accton-based Switches
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Telnet, SSH and HTTP
2009
Backdoor Password in Accton-based Switches
At the HAR2009 conference, the existence of a backdoor password in Accton-based switches was revealed by Edwin Eefting, Erik Smit and Erwin Drent. The backdoor password can be calculated if you have the switch MAC-address, which can be obtained via ARP or SNMP (if you know the community string). It seems to work on all management interfaces: telnet, ssh and http. If you don't know the MAC-address but can guess the OUI, brute forcing the password is probably feasible as well.
Mitigation:
Contact the vendor for a patch or update to the latest firmware version.
