PT-2012-3551 · Ruggedcom · Ruggedcom Rugged Operating System

Justin W. Clarke · Published 2012-04-28 · Updated 2022-02-01 · CVE-2012-1803

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: RuggedCom Rugged Operating System (ROS) versions 3.10.x and earlier

Description: The issue allows remote attackers to obtain access by calculating a password derived from the MAC Address field in the banner, and then establishing a session via TELNET, remote shell (rsh), or serial-console.

Recommendations: For versions 3.10.x and earlier, consider disabling remote access via TELNET, rsh, and serial-console until a fix is available. Restrict access to the factory account to minimize the risk of exploitation.


Related Identifiers

CVE-2012-1803

Affected Products

Ruggedcom Rugged Operating System