HomePentest-Tools.com Logo

Backdoor in ScreenOS (Telnet) CVE-2015-7755CVE-2015-7754

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

ScreenOS is vulnerable to an unauthorized remote administrative access to the device over SSH or telnet.

Risk description

It was possible to login using any username and the password: <<< %s(un=%s) = %u In February 2018 it was discovered that this vulnerability is being exploited by the DoubleDoor Internet of Things (IoT) Botnet.

Recommendation

This issue was fixed in ScreenOS 6.2.0r19, 6.3.0r21, and all subsequent releases.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jan 8, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available