PT-2019-9123 · Telus · Telus Actiontec Web6000Q
Andrew Klaus · Published 2019-06-11 · Updated 2020-08-24
CVE-2018-15555
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Telus Actiontec WEB6000Q version 1.1.02.22
Description
The onboard UART headers are enabled, and an attacker can use them to log in with the username "root" and password "admin" and gain root-level access to the device. This provides an attacker with elevated privileges, potentially leading to further exploitation.
Recommendations
For Telus Actiontec WEB6000Q version 1.1.02.22, consider disabling the onboard UART headers to prevent unauthorized access until a patch is available. Additionally, changing the default password for the "root" user can help mitigate the risk of exploitation.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Telus Actiontec Web6000Q