Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.RuggedCom Rugged Operating System Vulnerability
Last Revised
RuggedCom Rugged Operating System (ROS), used in RuggedCom network infrastructure devices, contains a hard-coded user account with a predictable password.
This user account cannot be manually disabled. An attacker who successfully guesses the password may be able to gain complete administrative control of the ROS device.
As a workaround, RuggedCom has recommended disabling the rsh service and setting the number of telnet connections allowed to 0.
For more information, please see US-CERT Vulnerability Note VU#889195.
This product is provided subject to this Notification and this Privacy & Use policy.