Harmonicinc: >> Nsg 9000 Security Vulnerabilities
Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-08-05
Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-08-05
Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default password of nsgguest for the guest account, and a default password of nsgconfig for the config account.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-08-05