2 matches found
CVE-2020-11965
In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration which has a required step fo...
CVE-2020-11965
In IQrouter 3.3.1 and earlier, a root password is missing, enabling full remote SSH access. The root account has an empty password during initial setup, allowing an attacker with network access to gain full control. The issue is tied to initial configuration behavior and is stated to also reflect...