header-logo
Suggest Exploit
vendor:
IPC@Chip
by:
SecurityFocus
7.5
CVSS
HIGH
Brute Force
307
CWE
Product Name: IPC@Chip
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

IPC@Chip Telnetd Login Brute Force Vulnerability

The IPC@Chip is a single-chip embedded webserver from Beck GmbH. The device's inbuilt telnetd service may allow a remote user to repeatedly attempt to login to a given account, without logging or responding to repeated failed login attempts. This could permit an attacker to brute-force a known account name, potentially leading to a compromise of the device's accounts and/or allowing a compromise of its function.

Mitigation:

Disable telnetd service or limit the number of login attempts.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2771/info


The IPC@Chip is a single-chip embedded webserver from Beck GmbH.

The device's inbuilt telnetd service may allow a remote user to repeatedly attempt to login to a given account, without logging or responding to repeated failed login attempts. This could permit an attacker to brute-force a known account name, potentially leading to a compromise of the device's accounts and/or allowing a compromise of its function. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20881.zip

Navigation

Suggest Exploit

Services By CQR