Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocate_revB scripts copies the hardcoded key to the root user's authorized_keys file, enabling anyone with the associated private key to gain remote root access to all affected products.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款ENTTEC产品信任管理问题漏洞
Vulnerability Description
ENTTEC Datagate MK2等都是澳大利亚ENTTEC公司的产品。ENTTEC Datagate MK2是一款照明控制器。ENTTEC Storm 24是一款以太网转DMX512转换器。ENTTEC Pixelator是一款像素控制器。 多款ENTTEC产品中存在信任管理问题漏洞。该漏洞源于网络系统或产品中缺乏有效的信任管理机制。攻击者可利用默认密码或者硬编码密码、硬编码证书等攻击受影响组件。以下产品及版本受到影响:使用70044_update_05032019-482之前版本固件的ENTTEC
CVSS Information
N/A
Vulnerability Type
N/A