VULHUB ™

When accessing a Samsung SmartEther switch, via the telnet service or serial connection, authentication is required and the user is presented with a logon screen. It has been reported that it is possible to bypass this authentication procedure. An attacker may potentially exploit this condition to, for example, modify static MAC address mapping and perhaps enable man-in-the-middle style attacks. Other attacks are certainly possible.

When accessing a Samsung SmartEther switch, via the telnet service or serial connection, authentication is required and the user is presented with a logon screen. It has been reported that it is possible to bypass this authentication procedure. An attacker may potentially exploit this condition to, for example, modify static MAC address mapping and perhaps enable man-in-the-middle style attacks. Other attacks are certainly possible.