CVE-2017-20083
JUNG Smart Visu Server SSH Server backdoor
In short
JUNG Smart Visu Server contains a backdoor in its SSH Server that allows unauthorized access to the system. An attacker with local access can exploit this vulnerability to gain control of the affected device.
Technical detail
The SSH Server component in JUNG Smart Visu Server versions 1.0.804, 1.0.830, and 1.0.832 contains a hardcoded backdoor or authentication bypass (CWE-912: Hidden Functionality). Local access is required to exploit this vulnerability. Successful exploitation grants unauthorized administrative access to the system.
Summary generated and translated by AI from the official description.
A vulnerability, which was classified as critical, was found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832. Affected is an unknown function of the component SSH Server. The manipulation leads to backdoor. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.900 is able to address this issue. It is recommended to upgrade the affected component.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
JUNG · Smart Visu ServerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →