CVE-2015-0936

Related Files

Ceragon FibeAir IP-10 7.2.0 Hidden User Backdoor

Posted May 19, 2017

Authored by Ian Ling

Ceragon FibeAir IP-10 versions 7.2.0 and below suffer from a hidden user backdoor vulnerability.

tags | exploit

advisories | CVE-2015-0936

SHA-256 | 19d0253d67bfd5628b69787c405f7a3c2992c6236010db3ca5711b8a3408d169

Download | Favorite | View

Ceragon FibeAir IP-10 SSH Private Key Exposure

Posted Apr 2, 2015

Authored by H D Moore, Tod Beardsley | Site metasploit.com

This Metasploit module exploits the fact that Ceragon ships a public/private key pair on FibeAir IP-10 devices that allows passwordless authentication to any other IP-10 device. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "mateidu" user.

tags | exploit, remote

advisories | CVE-2015-0936

SHA-256 | 3ffda87a127eecead37db406771d24d73a3f8fb62c5608cc9113f96992bf3bc3

Download | Favorite | View

Ceragon FibeAir IP-10 SSH Private Key Exposure

Posted Apr 2, 2015

Authored by Tod Beardsley

Ceragon FibeAir IP-10 suffers from an SSH private key exposure vulnerability.

tags | exploit, info disclosure

advisories | CVE-2015-0936

SHA-256 | 768dfecfdbbc1cece9dc248bd3f46e0b6f857da272a00ca6029519bf8127e833

Download | Favorite | View