CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2012-4577
https://notcve.org/view.php?id=CVE-2012-4577
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session. La imagen del (firmware) de Linux en (1) en la serie de servidores (serial-device) Korenix Jetport 5600 y (2) en la serie de servidores (serial-device) ORing Industrial DIN-Rail tiene una contraseña codificada para la cuenta de (root) que permite a atacantes remotos obtener acceso con nivel administrativo a través de una sesión SSH. • http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02 http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02 http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity http://www.securityfocus.com/bid/55196 https://exchange.xforce.ibmcloud.com/vulnerabilities/77992 • CWE-255: Credentials Management Errors •