CVE-2016-9495

HIGH

Hughes HN7740S DW7000 HN7000S/SM Firmware - Use of Hard-coded Credentials

Title source: llm
STIX 2.1

Description

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
https://www.securityfocus.com/bid/96244
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/614751

Scores

CVSS v3 8.8
EPSS 0.0089
EPSS Percentile 54.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-798
Status published
Products (4)
hughes/dw7000_firmware 6.9.0.34
hughes/hn7000s_firmware 6.9.0.34
hughes/hn7000sm_firmware 6.9.0.34
hughes/hn7740s_firmware 6.9.0.34
Published Jul 13, 2018
Tracked Since Feb 18, 2026