Modicon Quantum FTP Server Default Credentials

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.


Synopsis :

The remote FTP server has one or more accounts with default /
backdoor credentials.

Description :

The remote FTP server has an account with a known username / password
combination, which is hardcoded into the device's firmware and
difficult to change or remove. An attacker may be able to use this to
gain authenticated acccess to the system, which could allow for other
attacks against the affected device.

Solution :

Block access to the vulnerable device ports.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 23821 ()

Bugtraq ID: 51605

CVE ID:

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial