CyberSec.Space Logo
Back to CVE Browser

CVE-2021-37555

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1800%
EPSS Percentile43.74th
PublishedJul 26, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc).

Affected Platforms (CPE)

💻
Trixie

Tx9 Automatic Food Dispenser Firmware

= 3.2.57

References & Advisories

🔗 http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-296520
🔗 http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-296520

Related Vulnerabilities

CVE-2021-2124310.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deser...

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-2124410.0

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server sid...