V100R012
H3C Magic B1STV100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
###Product_version
- **Product:** H3C Magic B1ST
- **Firmware Version:** V100R012
###Affected_component
/etc/shadow
###Attack_vector
The root password obtained from /etc/shadow can be used for unauthorized root login.
###Discription
H3C Magic B1STV100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
###Refernce
<https://palm-vertebra-fe9.notion.site/H3C-Magic-B1STV100R012-was-discovered-to-contain-a-hardcoded-2a648569ee7f4df8b570632d11032337?pvs=74>
<https://www.h3c.com/cn/d_201609/956059_30005_0.htm>
after decrypt the passwd we got root