Lucene search
+L

164 matches found

CVE
CVE
added 2024/07/24 12:0 a.m.68 views

CVE-2024-39345

The CVE-2024-39345 issue affects AdTran 834-5 HDC17600021F1 devices running SmartOS 11.1.1.1, with a hidden, undocumented hard-coded support account whose password derives from the device MAC. Because all internet-facing interfaces share similar MACs differing only in the final octet, an attacker...

7.5CVSS8.1AI score0.00534EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.4 views

CVE-2023-38120

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...

8.8CVSS8.1AI score0.03168EPSS
Exploits0References2
OSV
OSV
added 2024/05/03 2:15 a.m.4 views

CVE-2023-38120

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...

8.8CVSS6.3AI score0.03168EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 2:15 a.m.38 views

CVE-2023-38120

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...

8.8CVSS9.3AI score0.03168EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:59 a.m.88 views

CVE-2023-38120

The CVE-2023-38120 entry describes a vulnerability in the Adtran SR400ac where the ping command, exposed via JSON-RPC, accepts a crafted host parameter that can cause a system call from a user-supplied string, enabling code execution as root. The flaw is reachable over the network and requires au...

8.8CVSS9.3AI score0.03168EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/03 1:59 a.m.40 views

CVE-2023-38120 Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...

8.8CVSS9.5AI score0.03168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/03 1:59 a.m.25 views

CVE-2023-38120 Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...

8.8CVSS9AI score0.03168EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.27 views

Adtran SR400ac 安全漏洞

The Adtran SR400ac is a router from the US-based Adtran Corporation. A security vulnerability exists in the Adtran SR400ac that stems from the presence of a ping command injection remote code execution vulnerability, which can be exploited by an attacker to execute code in a root context...

8.8CVSS9.3AI score0.03168EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/04/10 12:0 a.m.7 views

The vulnerability of the Telnet service of the microprogramming-based router AdTran NetVanta 3120 allows a intruder to gain unauthorized access to the device.

The vulnerability of the Telnet service provided by the microprogramming-based router software AdTran NetVanta 3120 is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the device...

9CVSS5.5AI score0.00475EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.6 views

PT-2024-5340 · Adtran · Adtran Srg 834-5

Name of the Vulnerable Software and Affected Versions: AdTran SRG 834-5 devices with SmartOS versions prior to 12.1.3.1 Description: The issue is related to the use of hardcoded credentials in the SSH service of the affected devices. This allows a remote attacker to execute arbitrary operating...

9CVSS10AI score0.00608EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.10 views

PT-2024-5339 · Adtran +1 · Adtran 834-5 +1

Name of the Vulnerable Software and Affected Versions: AdTran 834-5 HDC17600021F1 SmartOS versions 11.1.1.1 through 12.5.5.0 Description: The issue concerns a hidden, undocumented, hard-coded support account in AdTran 834-5 devices, whose password is based on the device's MAC address. Since all...

7.5CVSS7.9AI score0.00534EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.9 views

PT-2024-5338 · Adtran · Adtran 834-5

Name of the Vulnerable Software and Affected Versions: Adtran 834-5 versions 11.1.0.101-202106231430 SmartOS versions prior to 12.6.3.1 Description: The issue is related to the Ping and Traceroute utilities in the SmartOS operating system of AdTran SRG 834-5 Wi-Fi routers. It allows OS Command...

8.8CVSS8AI score0.01684EPSS
Exploits0References11
NVD
NVD
added 2024/03/26 12:15 p.m.19 views

CVE-2024-28093

The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account...

8.8CVSS6.8AI score0.00475EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.5 views

Adtran NetVanta 3120 安全漏洞

The Adtran NetVanta 3120 is a fixed-port Ethernet router from Adtran USA. A security vulnerability exists in the Adtran NetVanta 3120 version 18.01.01.00.E. The vulnerability stems from the device's TELNET service being enabled by default and having default credentials for a root-level account...

8.8CVSS6.8AI score0.00475EPSS
Exploits0References4
CVE
CVE
added 2024/03/26 12:0 a.m.64 views

CVE-2024-28093

CVE-2024-28093 affects AdTran NetVanta 3120 devices running version 18.01.01.00.E, where TELNET is enabled by default and uses a root-level credential. The issue is tied to default/root access and could allow unauthorized device access. Mitigation: disable TELNET or restrict access, and apply pat...

8.8CVSS9.2AI score0.00475EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/03/26 12:0 a.m.15 views

CVE-2024-28093

The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account...

8.8AI score0.00475EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/26 12:0 a.m.24 views

CVE-2024-28093

The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account...

7AI score0.00475EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/08/15 12:0 a.m.10 views

The vulnerability of the SmartOS WIFI router ADTRAn SR400ac allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the SmartOS WIFI router ADTRAn SR400ac operating system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the root user...

9CVSS8.1AI score0.03168EPSS
Exploits0References5Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2023/07/28 12:0 a.m.41 views

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ping command, whi...

8.8CVSS7.7AI score0.03168EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/28 12:0 a.m.26 views

PT-2023-4340 · Adtran · Adtran Sr400Ac

Name of the Vulnerable Software and Affected Versions: Adtran SR400ac affected versions not specified Description: The issue is related to the lack of input validation in the SmartOS WiFi router ADTRAn SR400ac, allowing remote attackers to execute arbitrary code in the context of the root user. T...

9CVSS9.2AI score0.03168EPSS
Exploits0References7
Rows per page
Query Builder