Korenix Jetport 5600 Series Default Credentials Authentication Bypass Vulnerability
10 September 2012
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)