Novatel MiFi Default Credentials

critical Nessus Plugin ID 50514

Synopsis

The remote MiFi device has its default administrative password set.

Description

The remote host is a Novatel MiFi device, a portable access point using 3G/EVDO to connect to the Internet.

The remote device is using the default password ('admin') for administrative access. This may allow anyone on this network to log into the device and force it to connect/disconnect from the network.

Solution

Log into the remote device and change the password to a stronger one

Plugin Details

Severity: Critical

ID: 50514

File Name: vzw_novatel_mifi_default_password.nasl

Version: 1.7

Type: remote

Published: 11/8/2010

Updated: 10/1/2019

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: x-cpe:/h:novateal:mifi

Required KB Items: Host/novatel_mifi_device

Excluded KB Items: global_settings/supplied_logins_only