CVE-2019-8950

Name of the Vulnerable Software and Affected Versions DASAN H665 version 1.46p1-0028

Description A backdoor account exists in the /bin/login of DASAN H665 devices, allowing an attacker to login to the admin account via TELNET using the account dnsekakf2$$. This issue has seen increased interest, indicating potential exploitation.

Recommendations For DASAN H665 version 1.46p1-0028, consider disabling TELNET access to prevent exploitation of the backdoor account dnsekakf2$$ until a patch is available. Restrict access to the admin account to minimize the risk of unauthorized login.