PT-2016-6977 · Aver Information · Aver Information Eh6108H+
Travis Lee
·
Published
2016-09-19
·
Updated
2016-11-28
·
CVE-2016-6535
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l
Description
The issue allows remote attackers to obtain root access by leveraging knowledge of hardcoded account credentials and establishing a TELNET session.
Recommendations
For AVer Information EH6108H+ devices with firmware X9.03.24.00.07l, consider disabling TELNET access as a temporary workaround until a patch is available. Restrict access to the device to minimize the risk of exploitation.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aver Information Eh6108H+