Insecure Factory Account Password in RuggedCom Rugged Operating System (ROS) 3.10.x and Earlier

Insecure Factory Account Password in RuggedCom Rugged Operating System (ROS) 3.10.x and Earlier

CVE-2012-1803 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.

Learn more about our Web Application Penetration Testing UK.