Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted telnet and executing commands using the Equinox "exec" command. As the process is running as "root" full control over the device can be acquired. IPv6 is also left in auto-configuration mode, accepting router advertisements automatically and assigns a MAC address based IPv6 address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Eclipse Kura 安全漏洞
Vulnerability Description
Eclipse Kura是Eclipse基金会的一个基于OSGi的M2M服务网关应用框架。 Eclipse Kura 2.1.0之前的版本中存在安全漏洞。攻击者可利用该漏洞登录设备,执行命令,或控制设备。
CVSS Information
N/A
Vulnerability Type
N/A