martes, 9 de octubre de 2018

[Qlogic] 4G & 4/8G Fibre Channel Switch Module for IBM BladeCenter (CVE-2018-18202 )

Users (prom, diags and support) are not documented in the Qlogic 4/8G documentation, and those users  have the same login name as password


Affected System:  

  • QLogic(R) 4Gb Fibre Channel Switch Module for IBM BladeCenter(R)
  • QLogic(R) 20-Port 4/8 Gb SAN Switch Module for IBM BladeCenter(R)




Qlogic documentation:

Cracking the Qlogic /etc/passwd we easily get user passwords

The users prom, diags and support have as passwords the same login name


So, with a quick search in shodan the following results are obtained and we test the previously obtained users.


User support with password support. We can get information about the system.


Using the user diags with password diags, we can get a menu with some interesting options


Affected versions in my test







No hay comentarios.:

Publicar un comentario