CVE-2023-38433

Fujitsu IP series hardcoded credentials

"Fujitsu Real-time Video Transmission Gear "IP series" uses hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900?D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013 and IP-9610 firmware versions V01L001 to V02L007." -nvd.nist.gov The Fujitsu IP Series refers to a line of IP (Internet Protocol) communication solutions developed and manufactured by Fujitsu, a multinational information technology company. The IP Series includes products such as IP telephony systems, IP-enabled PBX (Private Branch Exchange) systems, and associated software and hardware components. Like all hardcoded credentials vulnerabilities, there is nothing more to say other than the credentials. So, they could be:
[0] Username 'fedish264pro' && Password 'h264pro@broadsight' [1] Username 'fedish265pro' && Password 'h265pro@broadsight'
[*] fujitsu_dashboard.png
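
From the defender's side, the affected firmware ranges in the NVD text quoted above can be checked against a device inventory. The following Python is an added example, not code from the original post or from Fujitsu; the inventory rows are constructed, the function names are hypothetical, and it assumes a "VxxLyyy" version orders by the V number and then the L number.

```python
import re

# Affected ranges from the NVD text quoted above: model -> (first, last) firmware.
# "IP-900?D" is left out because the model name is garbled on the page.
AFFECTED = {
    "IP-HE950E": ("V01L001", "V01L053"), "IP-HE950D": ("V01L001", "V01L053"),
    "IP-HE900E": ("V01L001", "V01L010"), "IP-HE900D": ("V01L001", "V01L004"),
    "IP-900E": ("V01L001", "V02L061"), "IP-920E": ("V01L001", "V02L061"),
    "IP-900D": ("V01L001", "V02L061"), "IP-920D": ("V01L001", "V02L061"),
    "IP-90": ("V01L001", "V01L013"), "IP-9610": ("V01L001", "V02L007"),
}
_VERSION = re.compile(r"V(\d+)L(\d+)", re.IGNORECASE)

def parse_version(text):
    # Assumption: "VxxLyyy" orders by the V number first, then the L number.
    m = _VERSION.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return int(m.group(1)), int(m.group(2))

def is_affected(model, firmware):
    """True/False for listed models, None when the model is not in the advisory."""
    bounds = AFFECTED.get(model.strip().upper())
    if bounds is None:
        return None
    low, high = (parse_version(v) for v in bounds)
    return low <= parse_version(firmware) <= high

def audit(inventory):
    """Map each (host, model, firmware) row to a status string."""
    labels = {True: "affected", False: "not in affected range", None: "model not listed"}
    report = {}
    for host, model, firmware in inventory:
        try:
            report[host] = labels[is_affected(model, firmware)]
        except ValueError:
            report[host] = "unparseable version"
    return report

# Constructed sample inventory; host names and versions are made up.
SAMPLE = [
    ("enc-01", "IP-HE950E", "V01L053"), ("enc-02", "IP-HE950E", "V01L054"),
    ("dec-01", "IP-900D", "V02L010"), ("enc-03", "IP-9610", "V02L008"),
    ("enc-04", "ip-90", "1.13"), ("pbx-01", "IP-1234", "V01L001"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Rows reported as "unparseable version" or "model not listed" need a manual look rather than being treated as safe.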

Looking for vulnerable targets

Each vulnerable host returns a very specific content length of 1133 and is served by a thttpd web server, so you just have to search for it on Shodan or similar services, like Hunter or FOFA:

"Server: thttpd/2.25b 29dec2003" && "Content-Length: 1133"
[*] fofa_results.png