Hard-coded rsadmin Account with Null Password in Rapidstream 2.1 Beta VPN Appliance SSHD Program

Hard-coded rsadmin Account with Null Password in Rapidstream 2.1 Beta VPN Appliance SSHD Program

CVE-2000-0784 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.

Learn more about our Api Penetration Testing.