CVE-2020-35338

CRITICAL NUCLEI

Mobile Viewpoint Wireless Multiplex Terminal Playout Server < 20.2.8 - Use of Hard-coded Credentials

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2020-35338 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."

Nuclei Templates (1)

Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
CRITICALby Jeya Seelan

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://jeyaseelans.medium.com/cve-2020-35338-9e841f48defa
Product x_refsource_misc
https://www.mobileviewpoint.com/

Scores

CVSS v3 9.8
EPSS 0.1165
EPSS Percentile 95.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-798
Status published
Products (1)
mobileviewpoint/wireless_multiplex_terminal_playout_server < 20.2.8
Published Dec 14, 2020
Tracked Since Feb 18, 2026