CVE-2019-12776
Last modified
CVE-2019-12776 is a vulnerability of currently unknown severity. An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. EPSS estimates a 2.02% chance of exploitation in the next 30 days.
Description
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocate_revB scripts copies the hardcoded key to the root user's authorized_keys file, enabling anyone with the associated private key to gain remote root access to all affected products.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Enttec | Datagate Mk2 Firmware | 70044 | 05032019-482 |
| Enttec | Storm 24 Firmware | 70044 | 05032019-482 |
| Enttec | Pixelator Firmware | 70044 | 05032019-482 |
| Enttec | E-Streamer Mk2 Firmware | 70044 | 05032019-482 |
References
- https://www.mogozobo.com/?p=3476Exploit, Third Party Advisory
- https://www.mogozobo.com/?p=3476Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-12776?
How severe is CVE-2019-12776?
How do I fix CVE-2019-12776?
Are you affected by CVE-2019-12776?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST