icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

WhatsUp Network Monitoring Tool Default Administrative Credentials

High

Synopsis

The remote host is configured with default or easily-guessed credentials.

Description

The remote host is running WhatsUp, a network monitoring tool that discovers and monitors network resources. The remote install of WhatsUp is still utilizing the default administrative credentials (e.g. admin/admin). An attacker exploiting this flaw would be able to log into the application and gain information regarding the network, change the configuration of the device, and run arbitrary administrative commands on the WhatsUp application.

Solution

Change the default passwords for the application.