ID CVE-2012-1803
Summary RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.
References
Vulnerable Configurations
  • cpe:2.3:o:ruggedcom:ros:3.2
    cpe:2.3:o:ruggedcom:ros:3.2
  • cpe:2.3:o:ruggedcom:ros:3.3
    cpe:2.3:o:ruggedcom:ros:3.3
  • cpe:2.3:o:ruggedcom:ros:3.7
    cpe:2.3:o:ruggedcom:ros:3.7
  • cpe:2.3:o:ruggedcom:ros:3.8
    cpe:2.3:o:ruggedcom:ros:3.8
  • cpe:2.3:o:ruggedcom:ros:3.9
    cpe:2.3:o:ruggedcom:ros:3.9
  • cpe:2.3:o:ruggedcom:ros:3.10
    cpe:2.3:o:ruggedcom:ros:3.10
CVSS
Base: 8.5 (as of 30-04-2012 - 12:30)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description RuggedCom Devices Backdoor Access. CVE-2012-1803,CVE-2012-2441. Remote exploit for hardware platform
file exploits/hardware/remote/18779.txt
id EDB-ID:18779
last seen 2016-02-02
modified 2012-04-24
platform hardware
port
published 2012-04-24
reporter jc
source https://www.exploit-db.com/download/18779/
title RuggedCom Devices Backdoor Access
type remote
metasploit via4
description This module will calculate the password for the hard-coded hidden username "factory" in the RuggedCom Rugged Operating System (ROS). The password is dynamically generated based on the devices MAC address.
id MSF:AUXILIARY/SCANNER/TELNET/TELNET_RUGGEDCOM
last seen 2017-10-17
modified 2017-07-24
published 2012-05-13
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/telnet/telnet_ruggedcom.rb
title RuggedCom Telnet Password Generator
packetstorm via4
data source https://packetstormsecurity.com/files/download/112149/ruggedcom-backdoor.txt
id PACKETSTORM:112149
last seen 2016-12-05
published 2012-04-24
reporter jc
source https://packetstormsecurity.com/files/112149/RuggedCom-Device-Undocumented-Backdoor.html
title RuggedCom Device Undocumented Backdoor
refmap via4
bid 53215
bugtraq 20120423 RuggedCom - Backdoor Accounts in my SCADA network? You don't say...
cert-vn VU#889195
confirm
exploit-db 18779
fulldisc 20120423 RuggedCom - Backdoor Accounts in my SCADA network? You don't say...
misc
xf ruggedcom-operating-system-backdoor(75120)
Last major update 20-05-2013 - 23:16
Published 27-04-2012 - 20:55
Last modified 13-12-2017 - 21:29
Back to Top