Iqrouter Firmware
CVE-2020-11965
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”
AnalysisAI
In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time” Affected products include: Evenroute Iqrouter Firmware. Version information: through 3.3.1.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
More in Iqrouter Firmware
View allIn IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of
In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root p
IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because o
In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access Control. R
In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the roo
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today