Systech: >> Syslink Sl-1000 Modular Gateway Security Vulnerabilities
SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 use the same hardcoded encryption key across different customers' installations, which allows attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation.
CVSS Score
7.5
EPSS Score
0.001
Published
2016-04-25
flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter.
CVSS Score
8.8
EPSS Score
0.003
Published
2016-04-25
The web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 has a default password, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.004
Published
2016-04-25