WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and previous versions has a backdoor account allowing a remote malicious user to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xinruidz sundray_wan_controller_firmware |