Skip to content

A threat actor may gain unauthorized access using the default username and password

License

Notifications You must be signed in to change notification settings

qeeqbox/default-credential

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 

Repository files navigation

A threat actor may gain unauthorized access using the default username and password.

Example #1

  1. Threat actor requests a web application interface
  2. Sever sends a login request
  3. Threat actor uses admin for as username and admin for password
  4. Sever sends the web application interface

Impact

Vary

Risk

  • Gain unauthorized access

Redemption

  • Remove default credentials

ID

91f9b046-b802-425a-b71b-64c21c6b1c0f

References

Sponsor this project