RuggedCom Rugged Operating System Vulnerability

RuggedCom Rugged Operating System (ROS), used in RuggedCom network infrastructure devices, contains a hard-coded user account with a predictable password.

This user account cannot be manually disabled. An attacker who successfully guesses the password may be able to gain complete administrative control of the ROS device.

As a workaround, RuggedCom has recommended disabling the rsh service and setting the number of telnet connections allowed to 0.

For more information, please see US-CERT Vulnerability Note VU#889195.

This product is provided subject to this Notification and this Privacy & Use policy.