A directory traversal vulnerability on Telos Z/IP One devices up to and including 4.0.0r grants an unauthenticated individual root level access to the device's file system. This can be used to identify configuration settings, password hashes for built-in accounts, and the cleartext password for remote configuration of the device through the WebUI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
telosalliance z\\/ip_one_firmware |