An independent research uncovered a critical vulnerability in badly configured webadmin plugin of many thousand enigma2 boxes in the wild. This misconfiguration could be used by unauthenticated remote attackers to achieve remote arbitrary code execution in the context of root superuser. To exploit the vulnerability an attacker could target common ISP networks for dial-in users. Continue reading...
