Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
30 August 2012
The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 126.96.36.19999 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers to compromise a machine on which the software is installed.