virus logo Intrusion Prevention

Telnet.Default.Credentials

description-logoDescription

This indicates an attempt to login telnet using system default credentials.
This signature checks for common default telnet username and passwords that are hard coded in IoT devices. Malware such Mirai sometimes scans for open telnet ports and attempts to login using these default credentials.

affected-products-logoAffected Products

Any telnet server that accepts the default credentials.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Monitor the traffic from that network for any suspicious activity.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-02-11 15.775 Default_action:pass:drop
2020-01-08 15.754
ID 48633
Created Jan 08, 2020
Updated Feb 10, 2020
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS All
Affected App Other