SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER Western Digital MyNet unauthenticated configuration disclosure attempt
This event is generated when an attempt to access the user and password through an unauthenticated admin page is detected. Impact: Attempted Information Leak Details: main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the "var pass=" line within the HTML source code. Ease of Attack: Simple
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2013-5006 |
Loading description
|