CVE-2020-26510

by Fred · 16/11/2020

Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution. Date published : 2020-11-16 https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-033.txt