Korenix Jetport 5600 Series Default Credentials Authentication Bypass Vulnerability
10 September 2012
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Dyre's primary goal is to harvest victims' online credentials, and it's capable of doing this by mounting Man-in-the-Browser attacks against the three most commonly used Windows browsers: Internet Explorer, Firefox, and Chrome.