Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

TELESTAR-DIGITAL GmbH Multiple Internet Radio Undocumented Telnet Service / Default Credentials

Information

Severity

Severity

Critical

Family

Family

Default Accounts

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

3 years ago

Modified

Modified

3 years ago

Summary

The internet radio products of TELESTAR-DIGITAL GmbH have an undocumented Telnet service with default credentials enabled.

Insight

Insight

It was possible to login with the telnet credentials 'root:password'.

Affected Software

Affected Software

TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 devices are known to be affected. Other devices and vendors might be affected as well.

Detection Method

Detection Method

Connect to the Telnet service and try to login with default credentials.

Solution

Solution

The vendor has released the firmware update TN81HH96-g102h-g103**a*-fb21a-3624 which is disabling the telnet service and removing the default password.

Common Vulnerabilities and Exposures (CVE)