ASUS RT-N13U Router Built-in Admin Telnet Account with Unchangeable Password

critical Nessus Plugin ID 71095

Language:

Synopsis

The remote host has a telnet service running that accepts known, built-in credentials.

Description

The remote host is running a telnet service with an unchangeable admin account with known credentials (admin/admin). An attacker could log into this account and gain complete control of the device.

Solution

There is currently no available fix. As a workaround, restrict access to the telnet service.

Plugin Details

Severity: Critical

ID: 71095

File Name: asus_rtn13u_admin_account.nasl

Version: 1.9

Type: remote

Family: Misc.

Published: 11/26/2013

Updated: 4/11/2022

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus

Vulnerability Information

CPE: x-cpe:/h:asus:rt_n13u

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 10/28/2013

Reference Information

BID: 63394

Detections

Analytics