Remote Code Execution Vulnerability in Plixer Scrutinizer by Dell SonicWALL

CVE-2012-3951

Summary

The MySQL component within Plixer Scrutinizer allows for significant security risks due to the use of a default password, 'admin', for both the scrutinizer and scrutremote accounts. This flaw enables remote attackers to gain unauthorized access and execute arbitrary SQL commands, potentially compromising sensitive data and system integrity. The issue is present in version 9.0.1.19899 and earlier, highlighting the necessity for users to secure their databases by changing default credentials and applying updates promptly.

References