3 matches found
EUVD-2016-1493
Malware in sbrugna...
Command injection
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the...
CVE-2016-10308
CVE-2016-10308 affects Siklu EtherHaul radios running versions prior to 3.7.1 and 6.x prior to 6.9.0. The vulnerability stems from a built-in, hidden root account with an unchangeable password shared across all devices. This account allows access to the embedded Linux OS via both SSH and the devi...