CVE-2011-0885

SMC Networks Smcd3g-ccr < 1.4.0.49 - Credentials Management

Title source: rule

Description

A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Trustwave's SpiderLabs · textremotehardware

https://www.exploit-db.com/exploits/16123

View Code ZIP pw:eip

References (8)

Core 8

Core References

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/8066

Mailing List mailing-list x_refsource_bugtraq

http://seclists.org/bugtraq/2011/Feb/36

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/43199

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/46215

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/16123/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/516205/100/0/threaded

Various Sources x_refsource_misc

https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/65184

Scores

EPSS 0.1690

EPSS Percentile 95.0%

Details

CWE

CWE-255

Status published

Products (3)

smc_networks/smcd3g-ccr

smc_networks/smcd3g-ccr_firmware 1.4.0.42

smc_networks/smcd3g-ccr_firmware < 1.4.0.49

Published Feb 08, 2011

Tracked Since Feb 18, 2026