Описание
RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.
Ссылки
- Broken Link
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- ExploitMailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- ExploitMailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Broken LinkVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.2.0 (включая) до 3.10.1 (включая)
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.61252
Средний
8.5 High
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.
EPSS
Процентиль: 98%
0.61252
Средний
8.5 High
CVSS2
Дефекты
CWE-310