Bypassed an internal network login panel
I had not even thought that organisations are not focussing on their networks and are using this type of low security for their internal networks.
So this is a company from which I got a project to test their network security.
I'll not reveal the name, so assume it is Xyztech.
I went to the client's side, connected their LAN cable to my laptop and browsed to their gateway IP, which was obviously 192.168.1.2.
I saw a login panel (see image), which showed that it was a Dell one (Integrated Dell Remote Access Controller 6).
I simply gave it a thought, searched for the default password for the panel, found it to be root and Calvin, and tried those.
The result was not expected: I got access to their internal server.
Remediations
1) Always customise the URLs.
2) Go for passwords other than the defaults.
3) Try to apply passwords with encrypted values.