Schneider Electric FTP Server Default Credentials

This script is Copyright (C) 2006-2017 Tenable Network Security, Inc.


Synopsis :

The remote FTP server has one or more accounts with default /
backdoor credentials.

Description :

The remote FTP server has an account with a known username / password
combination, which is hardcoded into the device's firmware and
difficult to change or remove. An attacker may be able to use this to
gain privileged authenticated access to the system, which could allow
for other attacks against the affected device.

Solution :

Block access to the vulnerable device ports.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 23821 ()

Bugtraq ID: 51605

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now