Ceragon Fibeair_ip-10_firmware
2 CVEs affecting Ceragon Fibeair_ip-10_firmware. Latest disclosed: 2017-06-01. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-0936 | Critical | 9.8 | 2017-06-01 | Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remote attackers to obtain SSH access by lev… |
CVE-2016-10309 | Critical | 9.8 | 2017-03-30 | In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to… |