Test ID:	1.3.6.1.4.1.25623.1.0.108718
Category:	Brute force attacks
Title:	FTP Brute Force Logins Reporting
Summary:	It was possible to login into the remote FTP server using; weak/known credentials.
Description:	Summary: It was possible to login into the remote FTP server using weak/known credentials. Vulnerability Insight: The following devices are / software is known to be affected: - CVE-2001-1594: Codonics printer FTP service as used in GE Healthcare eNTEGRA P&R - CVE-2013-7404: GE Healthcare Discovery NM 750b - CVE-2014-9198: Schneider Electric ETG3000 FactoryCast HMI gateways - CVE-2015-7261: QNAP iArtist Lite distributed with QNAP Signage Station - CVE-2016-8731: Foscam C1 devices - CVE-2017-8218: vsftpd on TP-Link C2 and C20i devices - CVE-2018-9068: IMM2 for IBM and Lenovo System x - CVE-2018-17771: Ingenico Telium 2 PoS terminals - CVE-2018-19063, CVE-2018-19064: Foscam C2 and Opticam i5 devices Note: As the VT 'FTP Brute Force Logins' (OID: 1.3.6.1.4.1.25623.1.0.108717) might run into a timeout the actual reporting of this vulnerability takes place in this VT instead. Vulnerability Impact: This issue may be exploited by a remote attacker to e.g. gain access to sensitive information or modify system configuration. Solution: Change the password as soon as possible. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-1999-0501 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0501 Common Vulnerability Exposure (CVE) ID: CVE-1999-0502 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502 Common Vulnerability Exposure (CVE) ID: CVE-1999-0507 https://www.cve.org/CVERecord?id=CVE-1999-0507 Common Vulnerability Exposure (CVE) ID: CVE-1999-0508 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0508 Common Vulnerability Exposure (CVE) ID: CVE-2001-1594 http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/ https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02 https://twitter.com/digitalbond/status/619250429751222277 Common Vulnerability Exposure (CVE) ID: CVE-2013-7404 Common Vulnerability Exposure (CVE) ID: CVE-2014-9198 BugTraq ID: 72258 http://www.securityfocus.com/bid/72258 BugTraq ID: 77765 http://www.securityfocus.com/bid/77765 https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02 Common Vulnerability Exposure (CVE) ID: CVE-2015-7261 CERT/CC vulnerability note: VU#444472 http://www.kb.cert.org/vuls/id/444472 Common Vulnerability Exposure (CVE) ID: CVE-2016-8731 BugTraq ID: 99193 http://www.securityfocus.com/bid/99193 https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0245 Common Vulnerability Exposure (CVE) ID: CVE-2017-8218 https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.html Common Vulnerability Exposure (CVE) ID: CVE-2018-9068 Common Vulnerability Exposure (CVE) ID: CVE-2018-17771 https://ingenico.us/smart-terminals/telium2 https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-11/ https://youtu.be/gtbS3Gr264w https://youtu.be/oyUD7RDJsJs Common Vulnerability Exposure (CVE) ID: CVE-2018-19063 https://sintonen.fi/advisories/foscam-ip-camera-multiple-vulnerabilities.txt Common Vulnerability Exposure (CVE) ID: CVE-2018-19064
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.