PDA

View Full Version : Radio Vulnerabilities Ceragon, Dragonwave etc



simog72
2017-05-22, 09:36 PM
https://packetstormsecurity.com/files/142590/Ceragon-FibeAir-IP-10-7.2.0-Hidden-User-Backdoor.html

https://packetstormsecurity.com/files/142047/DragonWave-Horizon-1.01.03-Hardcoded-Credentials.html

seems this happens also in the radio products...


I will update this post with all the vulnerabilities will follow from all the vendors

Ceragon FibeAir IP-10 Web Interface Authentication Bypass Vulnerability (http://www.securityfocus.com/bid/91263)
2017-04-04
http://www.securityfocus.com/bid/91263

Ceragon FiberAir IP-10 CVE-2015-0936 Private Key Disclosure Vulnerability (http://www.securityfocus.com/bid/73696)
2015-04-01
http://www.securityfocus.com/bid/73696

Ceragon FiberAir IP-10 CVE-2015-0924 Hardcoded Credentials Security Bypass Vulnerability (http://www.securityfocus.com/bid/72107)
2015-01-16
http://www.securityfocus.com/bid/72107

byja
2017-06-08, 04:24 PM
This is not the only backdoor access to IP10, there's a better one.

I also know there's a backdoor to NEC radios, but I never got it.

carver
2017-06-11, 03:05 AM
yea,
my Ceragon ip20 series has root and snmp backdoors too,
and DragonWave allow root, and i think NEC ipasso too(forgot).

but many operator equipments has root/root and admin/admin accounts,
so it's OK, in any case we used firewall/VPN/DMZ/VLAN/etc for our equipment.
it's not problem.

Cost_Reducer
2017-06-11, 04:32 PM
And usually network elements and MNG interfaces are operated within a private IP network so access from outside is anyway quite challenging

ahsaan5
2017-06-11, 05:34 PM
how to do it with private ip network?

byja
2017-06-13, 04:55 PM
but many operator equipments has root/root and admin/admin accounts,
so it's OK, in any case we used firewall/VPN/DMZ/VLAN/etc for our equipment.
it's not problem.

Did you change at least the default user/pass on the firewall itself? :)

People, be serious about this. Admin/admin on your MW IDU is how russian hackers do things like changing your default AC temperature to electing Trump as US president. :)

carver
2017-06-13, 05:23 PM
russian hackers used incremental Fail2ban at our ubuntu/unix servers/desktop.
or 16+ chars password. no root/root ))))

https://habrahabr.ru/post/238303/


Did you change at least the default user/pass on the firewall itself? :)

People, be serious about this. Admin/admin on your MW IDU is how russian hackers do things like changing your default AC temperature to electing Trump as US president. :)