WebNews CGI Program Vulnerability Exposes Default Credentials by Netwin
CVE-2002-0310

Currently unrated

Key Information:

Vendor

Netwin

Status
Webnews
Vendor
CVE Published:
31 May 2002

What is CVE-2002-0310?

The Netwin WebNews 1.1k CGI application is vulnerable due to the inclusion of several default usernames and passwords. These credentials are hardcoded and cannot be removed by administrators, allowing remote attackers to easily gain unauthorized access. The known default username/password combinations include 'testweb/newstest', 'alwn3845/imaptest', 'alwi3845/wtest3452', and 'testweb2/wtest4879'. The presence of these unremovable credentials significantly increases the risk of privilege escalation attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=101432236729631&w=2
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/4156
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/8255
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.