PT-2016-3209 · Trango · Trango Altum Ac600

Published: 2016-12-23 · Updated: 2017-04-04 · CVE-2016-10306

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Trango Altum AC600 devices (affected versions not specified)

Description

The issue concerns a built-in, hidden root account with a default password of abcd1234. This account can be accessed via SSH and/or TELNET, granting full control over the device by allowing access to the underlying embedded UNIX OS. Exploitation of this issue may enable a remote attacker to gain administrative access to the device's operating system using the SSH or Telnet protocol.

Recommendations

For Trango Altum AC600 devices, change the default password of the root account to a strong, unique password to prevent unauthorized access. As a temporary workaround, consider disabling SSH and TELNET access to the device until a more secure configuration or patch is available. Restrict access to the device's administrative interface to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2017-02502
CVE-2016-10306

Affected Products

Trango Altum Ac600