CVE-2025-30234

SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32684e81b image a Debian 12 LX zone image from 2024-07-26...

CVE-2025-30234

SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32684e81b image a Debian 12 LX zone image from 2024-07-26...

The vulnerability of the SSH service on the SmartOS operating system, specifically the AdTran SRG 834-5 Wi-Fi routers, allows a hacker to execute arbitrary operating system commands.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of strictly encrypted login credentials. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating system...

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 allows a attacker to execute arbitrary operating system commands with root privileges.

The vulnerability of the SSH service on the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the use of pre-installed credentials due to incorrect processing of the MAC address sequence. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating syste...

CVE-2024-31970

AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...

CVE-2024-31970

AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...

CVE-2024-39345

AdTran 834-5 HDC17600021F1 SmartOS 11.1.1.1 devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final...

CVE-2024-39345

AdTran 834-5 HDC17600021F1 SmartOS 11.1.1.1 devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final...

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

CVE-2024-39345

AdTran 834-5 HDC17600021F1 SmartOS 11.1.1.1 devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final...

AdTran SRG 834-5 HDC17600021F1 安全漏洞

The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. A security vulnerability exists in the AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which stems from the device having SSH enabled by default, which allows an attacker to gain unauthorized root access by...

AdTran SRG 834-5 HDC17600021F1 操作系统命令注入漏洞

The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. An operating system command injection vulnerability exists in AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which can be exploited to execute arbitrary operating system commands with root privileges by...

CVE-2024-31970

The CVE-2024-31970 entry concerns AdTran SRG 834-5 HDC17600021F1 devices running SmartOS prior to 12.1.3.1. The root cause is hardcoded SSH credentials (admin/admin) used during a setup window, granting root-level privileges and enabling an attacker to modify the admin account or create a new one...

CVE-2024-31977

CVE-2024-31977 affects Adtran 834-5 devices (firmware 11.1.0.101-202106231430) with a root cause in the Ping/Traceroute utilities where shell metacharacters allow OS command injection. The vulnerability is addressed by SmartOS version 12.6.3.1 or later; SMARTOS fixes have been backported to the 1...

PT-2024-5339 · Adtran +1 · Adtran 834-5 +1

Name of the Vulnerable Software and Affected Versions: AdTran 834-5 HDC17600021F1 SmartOS versions 11.1.1.1 through 12.5.5.0 Description: The issue concerns a hidden, undocumented, hard-coded support account in AdTran 834-5 devices, whose password is based on the device's MAC address. Since all...

PT-2024-5338 · Adtran · Adtran 834-5

Name of the Vulnerable Software and Affected Versions: Adtran 834-5 versions 11.1.0.101-202106231430 SmartOS versions prior to 12.6.3.1 Description: The issue is related to the Ping and Traceroute utilities in the SmartOS operating system of AdTran SRG 834-5 Wi-Fi routers. It allows OS Command...

PT-2024-5340 · Adtran · Adtran Srg 834-5

Name of the Vulnerable Software and Affected Versions: AdTran SRG 834-5 devices with SmartOS versions prior to 12.1.3.1 Description: The issue is related to the use of hardcoded credentials in the SSH service of the affected devices. This allows a remote attacker to execute arbitrary operating...