📦

giga_lynx

Vendor: gotrango

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 34 Total Indexed

Avg. EPSS 0.75% Exploit Prob.

Latest CVE CVE-2016-10307 Mar 30

Security Vulnerability Index

Page 1 / 4

9.8 CVSS

CVE-2016-10307

Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.

EPSS: 1.12%

Severity: CRITICAL

Mar 30, 2017

9.8 CVSS

CVE-2016-10305

Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx < 2.0, GigaOrion < 2.0, GigaPlus <= 3.2.3, GigaPro <= 1.4.1, StrataLink < 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software update package on a Trango FTP server. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it.

EPSS: 0.37%

Severity: CRITICAL

Mar 30, 2017

Displaying 2 of 34 Total Entries

1 2 3 4

Total 4 Sections