| Title | Tosei TOSEI online store management system (aka TOSEIネット店舗管理システム) 4.02/4.03/4.04 Use of Weak Credentials |
|---|
| Description | Vendor:
Tosei (https://www.tosei-corporation.co.jp/)
Product:
TOSEI online store management system (aka TOSEIネット店舗管理システム)
Product documentation:
https://www.tosei-corporation.co.jp/pdf/manual/cl_current/OP_THS-300-WEB.pdf
Version:
4.02/4.03/4.04
Shodan Dorks:
http.favicon.hash:-244067125 http.html:Tosei
Impact:
Access to the management backend is permitted with the default admin username and password, and this account has the authority to modify the usage fees and discounts for specific self-service washing machines.
Attack vector:
The default admin username and password are both: contecfws01
Discoverer:
b0rgch3n (https://github.com/b0rgch3n) |
|---|
| Source | ⚠️ https://gist.github.com/b0rgch3n/3136cad95b09e42184fb2d78aae33651 |
|---|
| User | b0rgch3n (UID 72796) |
|---|
| Submission | 08/06/2024 09:40 (2 years ago) |
|---|
| Moderation | 08/16/2024 22:45 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 274906 [Tosei Online Store Management System ネット店舗管理システム Backend default credentials] |
|---|
| Points | 20 |
|---|