6 matches found
CVE-2018-16158
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins to uid 0 via the PubkeyAuthentication...
Eaton Power Xpert Meter Use of Hard-coded Credentials (CVE-2018-16158)
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins to uid 0 via the PubkeyAuthentication...
Design/Logic Flaw
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins to uid 0 via the PubkeyAuthentication...
CVE-2018-16158
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins to uid 0 via the PubkeyAuthentication...
CVE-2018-16158
CVE-2018-16158 affects Eaton Power Xpert Meter 4000, 6000, and 8000 devices prior to firmware 13.4.0.10. A single SSH private key is shared across different customers’ installations and access to this key is not properly restricted, enabling remote attackers to log in via PubkeyAuthentication as ...
CVE-2018-16158
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins to uid 0 via the PubkeyAuthentication...