Vigilant Fixed Lpr Coms Box Firmware
Monthly
An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.
An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.
An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text. Rated high severity (CVSS 7.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.