The security vulnerability (root) of Reach M+ on firmware 31.3

I hope this message finds you well. I am an independent researcher student and while using your product, Reach M+, I believe I have discovered a potential security vulnerability that could be of significant concern. The vulnerability can be used on my device, a Reach M+ on firmware version 31.3, to get root privileges.

Before I provide detailed information about this issue, the specifics of the vulnerability and the method of exploitation, I want another sample hardware device for further evaluation and assessment of the issue, and a possible reward upon successful verification and remediation of the identified vulnerability.

Thank you for considering my request. I look forward to your response.

Just curious what kind of things you think could happen if one were to gain root access to a device such as this?


Em… You can do anything in the OS, such as access and modify any files, install/uninstall software and services, change system settings, create and manage user accounts, start and stop any services.

Sorry if my question irritates you but I am seriously curious. The only instances where one of these devices would be connected to the internet would be during a firmware update or operating a CORS. None of ours have ever been connected to a PC so I assume if access through a LAN Wi-Fi router or private hotspot were obtained then something could be done to the mobile device?

Yes, you can find the IP address of the device and use an SSH connection to execute commands as a normal user. And with this SSH shell you can get root access.


The default SSH password is ‘emlidreach’, a weak password.