E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellin…
E3 Site Supervisor Control (firmware version < 2.31F01) contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the underlying OS.
The device includes chicken bits or undocumented features that can create entry points for unauthorized actors.
https://cwe.mitre.org/data/definitions/1242.html →Open in CWE collection →An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for.
https://capec.mitre.org/data/definitions/36.html →Open in CAPEC collection →An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enables the adversary to gain access to unauthorized, sensitive data.
https://capec.mitre.org/data/definitions/212.html →Open in CAPEC collection →| Product | Vendor | Status |
|---|---|---|
| e3_supervisory_controller_firmware | * | Tracked |