Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ORing net IAP-420(+) Hidden Functionality
Vulnerability Description
On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device via LAN or WiFi with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
隐藏功能
Vulnerability Title
ORing Net IAP-420+ 安全漏洞
Vulnerability Description
ORing Net IAP-420+是中国威力(ORing)公司的一种无线接入点。 ORing Net IAP-420+ 2.0m版本存在安全漏洞,该漏洞源于telnet服务器默认启用,不能永久禁用,可以使用硬编码凭据连接到设备并获取管理shell,每次重新启动时,这些凭据都会重置为默认值。
CVSS Information
N/A
Vulnerability Type
N/A