Fibeair Ip 10 Firmware
Sign in to watchby Ceragon
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-0936 | Cri | 0.74 | 9.8 | 0.86 | Jun 1, 2017 | Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key. | |
| CVE-2016-10309 | Cri | 0.64 | 9.8 | 0.01 | Mar 30, 2017 | In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser. |