PT-2020-11976 · Amino Communications · Kami7B+5
Published
2020-12-29
·
Updated
2021-01-14
·
CVE-2020-10210
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Amino Communications AK45x series
Amino Communications AK5xx series
Amino Communications AK65x series
Amino Communications Aria6xx series
Amino Communications Aria7/AK7Xx series
Amino Communications Kami7B
Description
The issue allows an attacker to remotely log in through SSH because of hard-coded SSH keys for the root user.
Recommendations
For Amino Communications AK45x series, update the SSH keys to unique ones for each device.
For Amino Communications AK5xx series, update the SSH keys to unique ones for each device.
For Amino Communications AK65x series, update the SSH keys to unique ones for each device.
For Amino Communications Aria6xx series, update the SSH keys to unique ones for each device.
For Amino Communications Aria7/AK7Xx series, update the SSH keys to unique ones for each device.
For Amino Communications Kami7B, update the SSH keys to unique ones for the device.
Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ak45X Series
Ak5Xx Series
Ak65X Series
Aria6Xx Series
Aria7/Ak7Xx Series
Kami7B