Ceragon FibeAir IP-10 7.2.0 Hidden User Backdoor Vulnerability

Exploit for hardware platform in category web applications + Credits: Ian Ling + Website: iancaling.com + Source: http://blog.iancaling.com/post/160817658078 Vendor: ================= https://www.ceragon.com Products: ====================== Ceragon FibeAir IP-10 =7.2.0 latest version Vulnerabilit...

Ceragon FibeAir IP-10 SSH Private Key Exposure

Ceragon ships a public/private key pair on FibeAir IP-10 devices that allows passwordless authentication to any other IP-10 device. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "mateidu" user. This module requires Metasploit:...