CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-8950

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via TELNET.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://blog.burghardt.pl/2019/02/dasan-h665-has-vendor-backdoor-built-into-busyboxs-bin-login/
https://seclists.org/bugtraq/2019/Feb/32
https://blog.burghardt.pl/2019/02/dasan-h665-has-vendor-backdoor-built-into-busyboxs-bin-login/
https://seclists.org/bugtraq/2019/Feb/32

Products affected by CVE-2019-8950

Dasannetworks » H665 » Version: N/A

cpe:2.3:h:dasannetworks:h665:-
Dasannetworks » H665 Firmware » Version: 1.46p1-0028

cpe:2.3:o:dasannetworks:h665_firmware:1.46p1-0028

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-8950

Products

Pricing

Contact Us