Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software update package on a Trango FTP server. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Prologix Trango产品安全漏洞
Vulnerability Description
Prologix Trango Apex Lynx等都是阿联酋Prologix公司的产品。Apex Lynx是一套户外微波回程系统。Apex Orion是一款用于Apex Lynx中的全双工点对点无线电链路。 多款Prologix Trango产品中存在安全漏洞,该漏洞源于Trango FTP服务器上的软件升级包中带有以明文方式储存的默认密码。攻击者可借助SSH或TELNET利用该漏洞获取底层嵌入式UNIX操作系统的访问权限,并完全控制该系统。以下产品和版本受到影响:Prologix Trango Ape
CVSS Information
N/A
Vulnerability Type
N/A