Modicon PLC HTTP Server Default Username/Password (SCADA)

High Nessus Network Monitor Plugin ID 3853


The remote host is configured with default or easily-guessed credentials.


The ethernet module on Modicon's Quantum, Premium and Micro PLC's has an HTTP server with one account that can be modified. The default account has the ability to load programs and change the configuration and programming of the PLC.


Change the username and password for the HTTP server.

Plugin Details

Severity: High

ID: 3853

Family: SCADA

Published: 2006/12/11

Modified: 2016/09/30

Dependencies: 1442

Risk Information

Risk Factor: High