Well, this is just standard Aerospace grade software. I would be surprised if you could find a single controller in an airplane without some trivial login credentials.
Exposing software like that to the internet is of course a completely insane step.
8 comments
[ 6.5 ms ] story [ 30.2 ms ] threadExposing software like that to the internet is of course a completely insane step.
I guess they mean you should sell the vulnerability to highest bidder instead of reporting? Weird choice.
Yes, Collins Aerospace is subsidiary of RTX, which is the distributor for a relational database for plane ticket credentials.