VULHUB ™

The Edimax 7205APL is reported to contain a default backdoor account. This account is hard-coded and cannot be removed. This account can be used to log in to the device and to create a backup of the configuration. This configuration contains all users and their corresponding passwords, allowing an attacker to then log in to the device as administrator. The reported vulnerable device had firmware revision 2.40a-00. Other revisions may also contain similar backdoor accounts.

The Edimax 7205APL is reported to contain a default backdoor account. This account is hard-coded and cannot be removed. This account can be used to log in to the device and to create a backup of the configuration. This configuration contains all users and their corresponding passwords, allowing an attacker to then log in to the device as administrator. The reported vulnerable device had firmware revision 2.40a-00. Other revisions may also contain similar backdoor accounts.