[App_rpt-users] Voter Remote Console - Authentication Bypass Bug

Bryan Fields Bryan at bryanfields.net
Tue Jan 12 17:47:00 UTC 2016


On 1/12/16 11:30 AM, Travis Giedratis wrote:
> In the interest of full disclosure, this is final notification regarding an
> authentication bypass bug for the VOTER Remote Console running on the
> telnet service..
> 
> The specific method of authentication bypass along with other specific data
> has been scrubbed:

That's not full disclosure :)
Post it, this is very interesting.  I want to test this against RTCM units
which are evolved from the voter.

I'd hope most of these devices are behind firewalls or on VPN's.  The voters
are not Linux or another OS, it's a 16 bit microprocessor running embedded code.

Actually I may have one on the internet unprotected, need to check the router.

Thanks and 73's

-- 
Bryan Fields

727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net



More information about the App_rpt-users mailing list