10
CVE-2016-10308
- EPSS 2.1%
- Veröffentlicht 30.03.2017 07:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginSiklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the device, allowing full control over it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siklu ≫ Etherhaul Firmware Version <= 3.7.0
Siklu ≫ Etherhaul-5500fd Version-
Siklu ≫ Etherhaul 500tx Version-
Siklu ≫ Etherhaul 60ghz V-band Radio Version-
Siklu ≫ Etherhaul 70ghz E-band Radio Version-
Siklu ≫ Etherhaul 500tx Version-
Siklu ≫ Etherhaul 60ghz V-band Radio Version-
Siklu ≫ Etherhaul 70ghz E-band Radio Version-
Siklu ≫ Etherhaul Firmware Version6.0
Siklu ≫ Etherhaul-5500fd Version-
Siklu ≫ Etherhaul 500tx Version-
Siklu ≫ Etherhaul 60ghz V-band Radio Version-
Siklu ≫ Etherhaul 70ghz E-band Radio Version-
Siklu ≫ Etherhaul 500tx Version-
Siklu ≫ Etherhaul 60ghz V-band Radio Version-
Siklu ≫ Etherhaul 70ghz E-band Radio Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.1% | 0.825 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.