Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Eaton Power Xpert Meter 4000、6000和8000设备信任管理问题漏洞
Vulnerability Description
Eaton Power Xpert Meter 4000、6000和8000都是美国Eaton公司的电能质量计量器设备。 Eaton Power Xpert Meter 4000、6000和8000设备13.4.0.10之前版本中存在安全漏洞,该漏洞源于在不同用户安装过程中,程序只使用一个SSH私钥并且没有正确地限制对该私钥的访问。远程攻击者可借助PubkeyAuthentication选项利用该漏洞进行SSH登录。
CVSS Information
N/A
Vulnerability Type
N/A