CVE-2020-35338
published 2020-12-14CVE-2020-35338: The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password…
PriorityP274critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
11.65%
95.5th percentile
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server 20.2.8 and earlier has a default account with a password of "pokon."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mobileviewpoint | wireless_multiplex_terminal_playout_server | <= 20.2.8 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Send a GET request to /server/ with the Authorization header 'Basic OnBva29u' (Base64 of ':pokon'). A 200 response containing the string 'WMT Server' confirms successful authentication with default credentials.
- →The response body keyword 'WMT Server' in combination with HTTP 200 status is a reliable indicator that the default credential (empty username / password 'pokon') is accepted by the Web Administrative Interface.
- ·The default credential applies to Mobile Viewpoint WMT Playout Server version 20.2.8 and earlier only. Versions beyond 20.2.8 are not confirmed to carry this default password. ↗
- ·The Base64 value 'OnBva29u' decodes to ':pokon', indicating an empty username field. Scanners must send the Authorization header exactly as shown; a non-empty username will not match the default account.
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
nuclei·CVSS 9.8
CVE-2020-35338 [CRITICAL] Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
Wireless Multiplex Terminal Playout Server <=20.2.8 has a default account with a password of pokon available via its web administrative interface.
Template:
id: CVE-2020-35338
info:
name: Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection
author: Jeya Seelan
severity: critical
description: Wireless Multiplex Terminal Playout Server <=20.2.8 has a default account with a password of pokon available via its web administrative interface.
impact: |
An attacker can exploit this vulnerability to gain unauthorized access to the server.
remediation: |
Change the default credentials to strong and unique ones.
reference:
- https://jeyaseelans.medium.com/cve-2020-35338-9e841f48defa
-
2020-12-14
Published