Zeroshell | |
Developer: | Fulvio Ricciardi |
Family: | Linux (Unix-like) |
Working State: | Discontinued |
Source Model: | Open source |
Discontinued: | yes |
Latest Release Version: | 3.9.5 |
Supported Platforms: | IA-32, x86-64, ARM |
Kernel Type: | Monolithic |
License: | GNU GPL |
Zeroshell is a small open-source Linux distribution for servers and embedded systems which aims to provide network services.[1] [2] Its administration relies on a web-based graphical interface; no shell is needed to administer and configure it. Zeroshell is available as Live CD and CompactFlash images, and VMware virtual machines.
Zeroshell can be installed on any IA-32 computer with almost any Ethernet interface. It can also be installed on most embedded devices and single-board computers such as Raspberry Pi and Orange Pi.[3]
The project reached EOL in April of 2021 with the version 3.9.5.[4] There are several known vulnerabilities for various versions of this software: V2, V3.6x up to V3.7, V3.9.0, V3.9.3 and last V3.9.5 for example,[5] allowing an attacker to e.g. gain root access to the device easily. The main attack vector is the cgi script in use, 'kerbynet'.