First published: Mon Aug 26 2019(Updated: )
Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box 9.2.3 through 11.1.4 and other products, has default credentials that allow remote attackers to access devices remotely via SSH, HTTP, HTTPS, and FTP.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Blackbox Icompel Firmware | >=9.2.3<=11.1.4 | |
Blackbox Icompel | ||
Onelan Net-top-box Firmware | >=9.2.3<=11.1.4 | |
ONELAN Net-Top-Box |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-15497 is a vulnerability in Black Box iCOMPEL and ONELAN Net-Top-Box that allows remote attackers to access devices using default credentials.
CVE-2019-15497 has a severity score of 9.8 (critical).
To exploit CVE-2019-15497, you can use the default credentials to remotely access the affected devices via SSH, HTTP, HTTPS, or FTP.
To fix CVE-2019-15497, ensure that you change the default credentials on the affected devices and use strong, unique passwords.
You can find more information about CVE-2019-15497 at the following URL: https://experiencesofasysadmin.wordpress.com/2019/08/23/cve-2019-15497-default-credentials/