2 matches found
Multiple Vendors EAS Authentication Bypass
The remote EAS device permits root login using an SSH key with a publicly available private key. The private key was included in older copies of Monroe Electronics and Digital Alert Systems firmware. A remote attacker with access to the private key can bypass authentication of the root user...
CVE-2013-0137
Summary (CVE-2013-0137) The Digital Alert Systems DASDEC‑I/II and Monroe Electronics R189 One‑Net EAS devices released before firmware version 2.0‑2 contained a publicly available private SSH key in firmware, enabling remote attackers with SSH access to log in as root and spoof alerts. The issue ...