Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) prior to 11.4 allows remote malicious users to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit (TPU) within the IDU by sending crafted TCP requests to the IDU.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kratosdefense ngc_indoor_unit_firmware |