Default Password for FTP 'admin' Account

This script is Copyright (C) 2003-2012 Tenable Network Security, Inc.


Synopsis :

The remote router uses default credentials.

Description :

The account 'admin' on the remote FTP server has the password
'password'. An attacker may leverage this to gain access to the
affected system and launch further attacks against it.

If the remote host is a NB1300 router, this would allow an attacker to
steal the WAN credentials of the user, or even to reconfigure the
router remotely.

See also :

http://archives.neohapsis.com/archives/bugtraq/2003-04/0202.html

Solution :

Change the admin password on this host.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:H/RL:W/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 11539 (ftp_nb1300_router.nasl)

Bugtraq ID: 7359

CVE ID: