Ceragon: >> Fibeair Ip-10 Firmware Security Vulnerabilities
Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.
CVSS Score
9.8
EPSS Score
0.863
Published
2017-06-01
In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser.
CVSS Score
9.8
EPSS Score
0.008
Published
2017-03-30