Trusted Design

DSL routers contain hard-coded "XXXXairocon" credentials

概要

CWE-798: Use of Hard-coded Credentials DSL routers, including the ASUS DSL-N12E, DIGICOM DG-5524T, Observa Telecom RTA01N, Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN, and ZTE ZXV10 W300 contain hard-coded credentials that are useable in the telnet service on the device. In the ASUS, DIGICOM, Observa Telecom, and ZTE devices, the username is "admin," in the PLDT device, the user name is "adminpldt," and in all affected devices, the password is "XXXXairocon" where "XXXX" is the last four characters of the device's MAC address. The MAC address may be obtainable over SNMP with community string public. The vulnerability was previously disclosed in VU#228886 and assigned CVE-2014-0329 for ZTE ZXV10 W300, but it was not known at the time that the same vulnerability affected products published by other vendors. The Observa Telecom RTA01N was previously disclosed on the Full Disclosure mailing list.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

ZTE ZXHN H108N R1A routers contain multiple vulnerabilities (score: 0.57)
ZSCALER 2015-12-13: New Spy Banker Trojan Telax (score: 0.54)
DVR Firmware for multiple vendors contains hard-coded creds (score: 0.53)
Cisco default credentials - again! (score: 0.51)
Vulnerability Note VU#614751 - Hughes satellite modems contain multiple vulnerabilities (score: 0.51)

このPulseに関連する脅威アクター (事実ベース)

Sandworm Team

Score: 5.31

Matched TTPs:

T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Volt Typhoon

Score: 10.74

Matched TTPs:

T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information
T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Storm-0501

Score: 7.41

Matched TTPs:

T1686.003 - Windows Host Firewall
T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware

MITREへのリンク →

Rocke

Score: 4.76

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1008 - Fallback Channels

MITREへのリンク →

FIN7

Score: 8.82

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

APT28

Score: 19.22

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1139 - Bash History
T1146 - Clear Command History
T1055.008 - Ptrace System Calls
T1564.004 - NTFS File Attributes

MITREへのリンク →

Kimsuky

Score: 12.35

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware
T1665 - Hide Infrastructure
T1008 - Fallback Channels
T1490 - Inhibit System Recovery

MITREへのリンク →

BackdoorDiplomacy

Score: 3.57

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware

MITREへのリンク →

FIN13

Score: 3.57

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware

MITREへのリンク →

BlackTech

Score: 4.91

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1685.005 - Clear Windows Event Logs

MITREへのリンク →

Magic Hound

Score: 3.57

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware

MITREへのリンク →

Medusa Group

Score: 4.22

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1128 - Netsh Helper DLL

MITREへのリンク →

Sea Turtle

Score: 4.14

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1490 - Inhibit System Recovery

MITREへのリンク →

Fox Kitten

Score: 3.57

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware

MITREへのリンク →

Ke3chang

Score: 4.91

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1685.005 - Clear Windows Event Logs

MITREへのリンク →

ToddyCat

Score: 4.30

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1665 - Hide Infrastructure

MITREへのリンク →

Winter Vivern

Score: 3.57

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware

MITREへのリンク →

APT29

Score: 4.14

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1490 - Inhibit System Recovery

MITREへのリンク →

UNC3886

Score: 6.16

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware
T1578.001 - Create Snapshot

MITREへのリンク →

APT41

Score: 6.85

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1588.001 - Malware
T1008 - Fallback Channels

MITREへのリンク →

Play

Score: 4.14

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1490 - Inhibit System Recovery

MITREへのリンク →

HAFNIUM

Score: 8.27

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

Ferocious Kitten

Score: 3.44

Matched TTPs:

T1685.005 - Clear Windows Event Logs

MITREへのリンク →

Scarlet Mimic

Score: 3.44

Matched TTPs:

T1685.005 - Clear Windows Event Logs

MITREへのリンク →

BRONZE BUTLER

Score: 9.32

Matched TTPs:

T1685.005 - Clear Windows Event Logs
T1578.001 - Create Snapshot
T1008 - Fallback Channels

MITREへのリンク →

APT32

Score: 4.76

Matched TTPs:

T1588.001 - Malware
T1490 - Inhibit System Recovery

MITREへのリンク →

Wizard Spider

Score: 5.72

Matched TTPs:

T1588.001 - Malware
T1556.009 - Conditional Access Policies

MITREへのリンク →

FIN6

Score: 4.84

Matched TTPs:

T1588.001 - Malware
T1128 - Netsh Helper DLL

MITREへのリンク →

PROMETHIUM

Score: 4.76

Matched TTPs:

T1588.001 - Malware
T1490 - Inhibit System Recovery

MITREへのリンク →

ZIRCONIUM

Score: 4.69

Matched TTPs:

T1588.001 - Malware
T1578.001 - Create Snapshot

MITREへのリンク →

Higaisa

Score: 7.52

Matched TTPs:

T1588.001 - Malware
T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Lazarus Group

Score: 11.65

Matched TTPs:

T1588.001 - Malware
T1055.005 - Thread Local Storage
T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

Velvet Ant

Score: 5.41

Matched TTPs:

T1128 - Netsh Helper DLL
T1490 - Inhibit System Recovery

MITREへのリンク →

Tropic Trooper

Score: 8.25

Matched TTPs:

T1128 - Netsh Helper DLL
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

OilRig

Score: 6.37

Matched TTPs:

T1128 - Netsh Helper DLL
T1556.009 - Conditional Access Policies

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Turla

Score: 8.88

Matched TTPs:

T1556.009 - Conditional Access Policies
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustang Panda

Score: 4.13

Matched TTPs:

T1055.005 - Thread Local Storage

MITREへのリンク →

Patchwork

Score: 6.12

Matched TTPs:

T1665 - Hide Infrastructure
T1008 - Fallback Channels

MITREへのリンク →

Chimera

Score: 5.43

Matched TTPs:

T1665 - Hide Infrastructure
T1578.001 - Create Snapshot

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1008 - Fallback Channels

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.78

Matched TTPs:

T1139 - Bash History
T1564.004 - NTFS File Attributes
T1055.008 - Ptrace System Calls
T1146 - Clear Command History
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る