Hi!
Our AP9617 card behaves a bit differently, but still, the password checks
out... It's too in a Silicon 10 kVA UPS, but the card can be used in
everything from the smallest BackUPS to huge Silicons.
/Fredrik
User Name : [anything]
Password : *******************
Final Functional Test: version 1.0.0
Operate at 38400 baud (y/n)? y
Change baud rate to 38400 and press <ENTER>Version:apc_hw02_aos_105.bin
Network Management Card AOS
AOS Checksum: PASSED
Version:apc_hw02_dp3e_116.bin Silcon DP300E Series APP
Application Checksum: PASSED
Hardware Revision:9
Model Number:AP9617
Serial Number:xxxxxxxxx
Manufacture Date:xx/xx/2002
MAC Address:00 C0 B7 xx xx xx
International Type:A
Language Type:A
Hardware Revision <ENTER> for current value:
Model Number <ENTER> for current value:
Serial Number <ENTER> for current value:
Manufacture Date <ENTER> for current value:
MAC Address <ENTER> for current value:
International Type <ENTER> for current value:
Language Type <ENTER> for current value:
Perform the self-test (y/n)? n
>*** Background:
>APC (American Power Conversion) SmartSwitch and UPS (uninterruptible power
>supply) products have a Web and SNMP management card installed that permits
>local serial console, TELNET, web and SNMP management, monitoring and
>mains power control of attached devices.
>
>
>*** The Problem:
>APC SmartSlot Web/SNMP management cards have a "backdoor" password that can
>be abused to extract plain text username/password details for all accounts
>and hence gain unauthorised full control of the device.
Received on Feb 18 2004
Intro
