Hardcoded Root Accounts in Sierra Wireless ALEOS Devices

Hardcoded Root Accounts in Sierra Wireless ALEOS Devices

CVE-2015-2897 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.

Learn more about our Wireless Penetration Test.