Search

Find a vulnerability

Search criteria

    1 vulnerability found for MZK-DP150N firmware by PLANEX COMMUNICATIONS INC.

    JVNDB-2022-002338

    Vulnerability from jvndb - Published: 2022-08-23 15:02 - Updated:2024-06-14 14:06
    Severity
    Summary
    PLANEX MZK-DP150N contains hidden administrative functionality
    Details
    MZK-DP150N provided by PLANEX COMMUNICATIONS INC. contains a hidden administrative screen (CVE-2021-37289, CWE-912). In the initial settings of the product, the login account for the configuration screen is common to all products. Please change the account information from the initial settings before using it. Thomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002338.html",
      "dc:date": "2024-06-14T14:06+09:00",
      "dcterms:issued": "2022-08-23T15:02+09:00",
      "dcterms:modified": "2024-06-14T14:06+09:00",
      "description": "MZK-DP150N provided by PLANEX COMMUNICATIONS INC. contains a hidden administrative screen (CVE-2021-37289, CWE-912).\r\n\r\nIn the initial settings of the product, the login account for the configuration screen is common to all products.\r\nPlease change the account information from the initial settings before using it.\r\n\r\nThomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
      "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002338.html",
      "sec:cpe": {
        "#text": "cpe:/o:planex:mzk-dp150n_firmware",
        "@product": "MZK-DP150N firmware",
        "@vendor": "PLANEX COMMUNICATIONS INC.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "@version": "3.0"
      },
      "sec:identifier": "JVNDB-2022-002338",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/vu/JVNVU98291763/index.html",
          "@id": "JVNVU#98291763",
          "@source": "JVN"
        },
        {
          "#text": "https://www.cve.org/CVERecord?id=CVE-2021-37289",
          "@id": "CVE-2021-37289",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-37289",
          "@id": "CVE-2021-37289",
          "@source": "NVD"
        },
        {
          "#text": "https://cwe.mitre.org/data/definitions/912.html",
          "@id": "CWE-912",
          "@title": "Hidden Functionality(CWE-912)"
        }
      ],
      "title": "PLANEX MZK-DP150N contains hidden administrative functionality"
    }