Vulnerability: Unauthorized Root Access via UART Headers on Telus Actiontec WEB6000Q v1.1.02.22 Devices

Vulnerability: Unauthorized Root Access via UART Headers on Telus Actiontec WEB6000Q v1.1.02.22 Devices

CVE-2018-15555 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

On Telus Actiontec WEB6000Q v1.1.02.22 devices, an attacker can login with root level access with the user "root" and password "admin" by using the enabled onboard UART headers.

Learn more about our Web App Pen Testing.