Default credentials

2017-03-3007:59:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.6%

JSON

Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.

CPENameOperatorVersion
apex_lynx_firmwareeq2.0
apex_orion_firmwareeq2.0
giga_lynx_firmwareeq2.0
giga_orion_firmwareeq2.0
stratalink_firmwarele3.0

Name	Operator	Version
apex_lynx_firmware	eq	2.0
apex_orion_firmware	eq	2.0
giga_lynx_firmware	eq	2.0
giga_orion_firmware	eq	2.0
stratalink_firmware	le	3.0

References

blog.iancaling.com/post/153011925478

www.securityfocus.com/bid/97242