Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

Spirent TestCenter and Avalanche Products Chassis Version Admin Interface <= 5.08 Privilege Escalation

Description

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configuration source code. This affects Spirent TestCenter and Avalanche products which chassis version <= 5.08. The SSH restricted shell is available with default credentials.

Impact

The attacker can install and run applications not meant to be used on the management interface of these test appliances.

Known Affected Firmware

Product Chasis Version
Spirent and C100-MP <= 5.08

Details

An attacker can through the Privilege Escalation vulnerability get root privilege from ssh initial shell (restricted, only for network setting). This vulnerability allows the attacker to install and run applications not meant to be used on the management interface of these test appliances.

Reference

Contributor

  • CW Tzeng