Cw Tzeng

**Name of the Vulnerable Software and Affected Versions** Spirent TestCenter and Avalanche appliance admin interface firmware versions <= 5.08 **Description** An issue allows an attacker with access to an SSH restricted shell to achieve root access via shell metacharacters. This enables the attacker to read sensitive files, such as appliance admin configuration source code. The SSH restricted shell is accessible with default credentials. **Recommendations** For versions <= 5.08, update the firmware to a version that includes a fix for this issue, ensuring that default credentials are changed to prevent unauthorized access to the SSH restricted shell. As a temporary workaround, consider restricting access to the SSH restricted shell until a patch is available.