PT-2020-17147 · V Sol · V-Sol V1600D+4

Alexandre Torres +3 · Published 2020-11-29 · Updated 2021-07-21 · CVE-2020-29378

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

V-SOL V1600D versions V2.03.57 through V2.03.69
V-SOL V1600D4L version V1.01.49
V-SOL V1600D-MINI version V1.01.48
V-SOL V1600G1 versions V1.9.7 through V2.0.7
V-SOL V1600G2 version V1.1.4

Description

An issue was discovered in V-SOL OLT devices, allowing the elevation of privilege of a CLI user to full administrative access by using a specific password for the enable command. The password !j@l#y$z%x6x7q8c9z) can be used to gain full administrative access.

Recommendations

For V-SOL V1600D versions V2.03.57 through V2.03.69, update the password for the enable command to prevent unauthorized access.
For V-SOL V1600D4L version V1.01.49, change the default password for the enable command.
For V-SOL V1600D-MINI version V1.01.48, restrict access to the enable command until a patch is available.
For V-SOL V1600G1 versions V1.9.7 through V2.0.7, consider disabling the enable command temporarily.
For V-SOL V1600G2 version V1.1.4, avoid using the default password for the enable command.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2020-29378

Affected Products

V-Sol V1600D
V-Sol V1600D-Mini
V-Sol V1600D4L
V-Sol V1600G1
V-Sol V1600G2