FTP Configuration Vulnerability in WiFiRanger Devices Allows Unauthorized Access to SSH Private Key and Root Account

FTP Configuration Vulnerability in WiFiRanger Devices Allows Unauthorized Access to SSH Private Key and Root Account

CVE-2018-17873 · LOW Severity

AV:A/AC:L/AU:N/C:P/I:N/A:N

An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account.

Learn more about our Network Penetration Testing.