Intrusion PreventionNetcore.Netis.Devices.Hardcoded.Password.Security.Bypass
Description
This indicates detection of a Security Bypass vulnerability in Netcore/Netis Devices.
The vulnerability is due to a single hard-coded password in the router's firmware. Remote attackers can obtain access to the device with this password by sending a special request to a specified UDP port.
This vulnerability has been incorporated into various vulnerability scanners with widespread usage at the moment. If the signature is triggering in your network, this can also mean that your network is being scanned by vulnerability scanners.
Affected Products
All Netcore/Netis routers
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch or updates available for this issue.
Monitor the traffic from that network for any suspicious activity.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-05-10 | 23.551 | Sig Added |
| ID | 42781 |
| Created | Aug 03, 2016 |
| Updated | May 09, 2023 |
| Risk |
|
| CVE ID | |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |