关键漏洞信息 Advisory ID: - ZSL-2018-5480 Vulnerability Type: - Local/Remote Impact: - System Access Risk: - 5/5 Release Date: - 17.07.2018 Summary: - The IPn4Gb, IPn3Gb, Bullet-3G, Dragon-LTE, and VIP4Gb devices utilize hard-coded credentials within their Linux distribution image, which can give an attacker the ability to gain root access and log into the device using default credentials. Vendor: - Microhard Systems Inc. - http://www.microhardcorp.com Affected Versions: - IPn4Gb 1.1.0 build 1098 - IPn3Gb 2.2.0 build 2160 - IPn4Gb 1.1.6 build 1184-14 - IPn4Gb 1.1.0 Rev 2 build 1090-2 - IPn4Gb 1.1.0 Rev 2 build 1086 - Bullet-3G 1.2.0 Rev A build 1032 - VIP4Gb 1.1.6 build 1204-04 - VIP4G 1.1.6 Rev 3.0 build 1184-14 - VIP4G-WiFi-N 1.1.6 Rev 2.0.0 build 1196 - IPn3GII/Bullet-3G 1.2.0 build 1076 - IPn4GII/Bullet-LTE 1.2.0 build 1078 - BulletPlus 1.3.0 build 1036 - Dragon-LTE 1.1.0 build 1036 Vendor Status: - Vulnerability discovered on 13.03.2018 - No response from the vendor until the public release of the security advisory on 17.07.2018 PoC: - microhard_default.txt Credits: - Vulnerability discovered by Gjoko Krstic - Additional References: - Available in the screenshot