Authentication bypass in Ceragon FibeAir IP-10 web interface (<7.2.0)

Posted by Ian Ling on Jun 16

[+] Credits: Ian Ling
[+] Website: iancaling.com

Vendor:
=================
www.ceragon.com

Product:
======================
-FibeAir IP-10

Vulnerability Type:
===================
Default Root Account

CVE Reference:
==============
N/A

Vulnerability Details:
=====================
Ceragon FibeAir IP-10 devices do not properly ensure that a user has
authenticated before granting them access to the web interface of the
device. The attacker simply…

007 Software

Authentication bypass in Ceragon FibeAir IP-10 web interface (<7.2.0)

Software and Security Information