OpenMediaVault Default Administrator Credentials

high Nessus Plugin ID 71525

Synopsis

A web application is protected using default administrative credentials.

Description

The remote OpenMediaVault install uses a default set of credentials ('admin' / 'openmediavault') to control access to its management interface.

With this information, an attacker could gain administrative access to the application.

Solution

Log into the application and personalize the account to change the default login credentials.

See Also

http://www.openmediavault.org/faq.html

Plugin Details

Severity: High

ID: 71525

File Name: openmediavault_default_creds.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 12/18/2013

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/openmediavault

Excluded KB Items: global_settings/supplied_logins_only