Default Password for FTP 'admin' Account

Critical Nessus Plugin ID 11539


The remote router uses default credentials.


The account 'admin' on the remote FTP server has the password 'password'. An attacker may leverage this to gain access to the affected system and launch further attacks against it.

If the remote host is an NB1300 router, this would allow an attacker to steal the WAN credentials of the user, or even to reconfigure the router remotely.


Change the admin password on this host.

See Also

Plugin Details

Severity: Critical

ID: 11539

File Name: ftp_nb1300_router.nasl

Version: $Revision: 1.22 $

Type: remote

Family: FTP

Published: 2003/04/15

Modified: 2017/03/07

Dependencies: 18367, 10092, 10990

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:W/RC:ND


Base Score: 9.8

Temporal Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:W/RC:X

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

BID: 7359

OSVDB: 51636