Critical severity9.8NVD Advisory· Published Sep 11, 2017· Updated Jun 17, 2026
CVE-2017-7649
CVE-2017-7649
Description
The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules to be configured. Still the Equinox console port 5002 is left open, allowing to log into Kura without any user credentials over unencrypted telnet and executing commands using the Equinox "exec" command. As the process is running as "root" full control over the device can be acquired. IPv6 is also left in auto-configuration mode, accepting router advertisements automatically and assigns a MAC address based IPv6 address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Eclipse Foundation/Eclipse Kura Installerv5Range: unspecified
Patches
Vulnerability mechanics
References
2- bugs.eclipse.org/bugs/show_bug.cginvdThird Party Advisory
- github.com/eclipse/kura/issues/956nvdThird Party Advisory
News mentions
0No linked articles in our index yet.