CVE-2018-5399

Published: Oct 8, 2018Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running. The Dropbear server is configured with a hard-coded user name and password combination of root / amroot. The server is configured to use password only authentication not cryptographic keys, however the firmware image contains an RSA host-key for the server. An attacker can exploit this vulnerability to gain root access to the Angstrom Linux operating system and modify any binaries or configuration files in the firmware. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.

Affected (2)

Products: Auto Maskin: Dcu 210e Firmware, Rp 210e Firmware

2 products

Dcu 210e Firmware

Rp 210e Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Auto Maskin Dcu 210e Firmware	Before 3.7

Running on/with	Platform Versions
Auto Maskin Dcu 210e	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Auto Maskin Rp 210e Firmware	Before 3.7

Running on/with	Platform Versions
Auto Maskin Rp 210e	All versions

Related CWEs

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (4)

https://www.kb.cert.org/vuls/id/176301

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

https://www.us-cert.gov/ics/advisories/icsa-20-051-04

Source: cret@cert.org

https://www.kb.cert.org/vuls/id/176301

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.us-cert.gov/ics/advisories/icsa-20-051-04

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.