CVE-2020-11965

In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH.
Source: NIST
CVE-2020-11965