Lucene search
K

10 matches found

OSV
OSV
added 2024/07/24 3:15 p.m.6 views

CVE-2024-39345

AdTran 834-5 HDC17600021F1 SmartOS 11.1.1.1 devices enable the SSH service by default and have a hidden, undocumented, hard-coded support account whose password is based on the devices MAC address. All of the devices internet interfaces share a similar MAC address that only varies in their final...

7.2CVSS6.1AI score0.00534EPSS
Exploits0References3
OSV
OSV
added 2024/07/24 3:15 p.m.4 views

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

8.8CVSS5.8AI score0.01684EPSS
Exploits0References4
NVD
NVD
added 2024/07/24 3:15 p.m.29 views

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

8.8CVSS0.01684EPSS
Exploits0References4
CVE
CVE
added 2024/07/24 12:0 a.m.57 views

CVE-2024-31977

CVE-2024-31977 affects Adtran 834-5 devices (firmware 11.1.0.101-202106231430) with a root cause in the Ping/Traceroute utilities where shell metacharacters allow OS command injection. The vulnerability is addressed by SmartOS version 12.6.3.1 or later; SMARTOS fixes have been backported to the 1...

8.8CVSS9.4AI score0.01684EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2024/07/24 12:0 a.m.58 views

CVE-2024-39345

The CVE-2024-39345 issue affects AdTran 834-5 HDC17600021F1 devices running SmartOS 11.1.1.1, with a hidden, undocumented hard-coded support account whose password derives from the device MAC. Because all internet-facing interfaces share similar MACs differing only in the final octet, an attacker...

7.5CVSS8.1AI score0.00534EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/24 12:0 a.m.18 views

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

9.1AI score0.01684EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/07/24 12:0 a.m.7 views

Adtran 834-5 操作系统命令注入漏洞

The Adtran 834-5 is a Gigabit Ethernet gateway from Adtran USA. An operating system command injection vulnerability exists in the Adtran 834-5 version 11.1.0.101-202106231430, which stems from the device allowing OS commands to be injected into the Ping or Traceroute utility via shell...

8.8CVSS7.7AI score0.01684EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/07/24 12:0 a.m.36 views

CVE-2024-31977

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.6.3.1, devices allow OS Command Injection via shell metacharacters to the Ping or Traceroute utility...

0.01684EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.7 views

PT-2024-5338 · Adtran · Adtran 834-5

Name of the Vulnerable Software and Affected Versions: Adtran 834-5 versions 11.1.0.101-202106231430 SmartOS versions prior to 12.6.3.1 Description: The issue is related to the Ping and Traceroute utilities in the SmartOS operating system of AdTran SRG 834-5 Wi-Fi routers. It allows OS Command...

8.8CVSS8AI score0.01684EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.7 views

PT-2024-5339 · Adtran +1 · Adtran 834-5 +1

Name of the Vulnerable Software and Affected Versions: AdTran 834-5 HDC17600021F1 SmartOS versions 11.1.1.1 through 12.5.5.0 Description: The issue concerns a hidden, undocumented, hard-coded support account in AdTran 834-5 devices, whose password is based on the device's MAC address. Since all...

7.5CVSS7.9AI score0.00534EPSS
Exploits0References9
Rows per page
Query Builder