{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002338.html",
  "dc:date": "2024-06-14T14:06+09:00",
  "dcterms:issued": "2022-08-23T15:02+09:00",
  "dcterms:modified": "2024-06-14T14:06+09:00",
  "description": "MZK-DP150N provided by PLANEX COMMUNICATIONS INC. contains a hidden administrative screen (CVE-2021-37289, CWE-912).\r\n\r\nIn the initial settings of the product, the login account for the configuration screen is common to all products.\r\nPlease change the account information from the initial settings before using it.\r\n\r\nThomas J. Knudsen and Samy Younsi of Necrum Security Labs reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002338.html",
  "sec:cpe": {
    "#text": "cpe:/o:planex:mzk-dp150n_firmware",
    "@product": "MZK-DP150N firmware",
    "@vendor": "PLANEX COMMUNICATIONS INC.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002338",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/vu/JVNVU98291763/index.html",
      "@id": "JVNVU#98291763",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2021-37289",
      "@id": "CVE-2021-37289",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-37289",
      "@id": "CVE-2021-37289",
      "@source": "NVD"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/912.html",
      "@id": "CWE-912",
      "@title": "Hidden Functionality(CWE-912)"
    }
  ],
  "title": "PLANEX MZK-DP150N contains hidden administrative functionality"
}