Default Password (password) for 'admin' Account on Broadcom BCM96338 ADSL Router

critical Nessus Plugin ID 35621

Synopsis

The remote system can be accessed with a default administrator account.

Description

The remote host is a Broadcom BCM96338 ADSL router, and its 'admin' account uses the password 'password'. An attacker may leverage this issue to gain administrative access to the affected system.

Solution

Change the password for this account or disable it.

Plugin Details

Severity: Critical

ID: 35621

File Name: bcm96338_admin_password.nasl

Version: 1.11

Type: remote

Published: 2/9/2009

Updated: 6/12/2020

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only