Openpilot SSH Key security bypass

Openpilot could allow a remote attacker to bypass security restrictions, caused by the use of a default SSH key. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to the SSH servers with the default key.

Summary:

Openpilot could allow a remote attacker to bypass security restrictions, caused by the use of a default SSH key. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to the SSH servers with the default key.

PoC Links(if available):

Packet Storm Security [12-31-2020]
https://packetstormsecurity.com/files/160735

Known Counter Measures:

No remedy available as of December 31, 2020.

Consequences

Bypass Security