-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4388-2 secur...@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 17, 2019
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape
===
The Digi TransPort LR54 is a high speed LTE router commonly used by industry,
infrastructure, retail and public transportation.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4392-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 16, 2019
Hi!
DASAN H665 has vendor backdoor built into BusyBox /bin/login. Account
named "dnsekakf2$$" gives access to admin (uid 0) account over telnet
without any password, at least for administration interface documented
in H665 Quick Guide (subnet 192.168.55.0/24 on LAN interface).
$ telnet