JVN#71349007: Opengear console servers vulnerable to authentication bypass

Opengear console servers are for managing servers and network products. Opengear console servers contain an authentication bypass vulnerability.

Impact

A remote attacker may change the settings in the Opengear console server or gain access to products that are connected to the console server.

Solution

Update the Firmware
Update to the latest version of the firmware, according to the information provided by the developer.

According to the developer, this vulnerability was addressed in firmware version 2.2.1.

Products Affected

• Opengear console server firmware versions prior to 2.2.1
  Console servers that use the above firmware versions are vulnerable.