CVE-2012-3951 Information

Description

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts which allows remote attackers to execute arbitrary SQL commands via a TCP session.

Reference

http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt