164 matches found
CVE-2024-39345
The CVE-2024-39345 issue affects AdTran 834-5 HDC17600021F1 devices running SmartOS 11.1.1.1, with a hidden, undocumented hard-coded support account whose password derives from the device MAC. Because all internet-facing interfaces share similar MACs differing only in the final octet, an attacker...
CVE-2023-38120
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...
CVE-2023-38120
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...
CVE-2023-38120
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...
CVE-2023-38120
The CVE-2023-38120 entry describes a vulnerability in the Adtran SR400ac where the ping command, exposed via JSON-RPC, accepts a crafted host parameter that can cause a system call from a user-supplied string, enabling code execution as root. The flaw is reachable over the network and requires au...
CVE-2023-38120 Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...
CVE-2023-38120 Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication...
Adtran SR400ac 安全漏洞
The Adtran SR400ac is a router from the US-based Adtran Corporation. A security vulnerability exists in the Adtran SR400ac that stems from the presence of a ping command injection remote code execution vulnerability, which can be exploited by an attacker to execute code in a root context...
The vulnerability of the Telnet service of the microprogramming-based router AdTran NetVanta 3120 allows a intruder to gain unauthorized access to the device.
The vulnerability of the Telnet service provided by the microprogramming-based router software AdTran NetVanta 3120 is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to the device...
PT-2024-5340 · Adtran · Adtran Srg 834-5
Name of the Vulnerable Software and Affected Versions: AdTran SRG 834-5 devices with SmartOS versions prior to 12.1.3.1 Description: The issue is related to the use of hardcoded credentials in the SSH service of the affected devices. This allows a remote attacker to execute arbitrary operating...
PT-2024-5339 · Adtran +1 · Adtran 834-5 +1
Name of the Vulnerable Software and Affected Versions: AdTran 834-5 HDC17600021F1 SmartOS versions 11.1.1.1 through 12.5.5.0 Description: The issue concerns a hidden, undocumented, hard-coded support account in AdTran 834-5 devices, whose password is based on the device's MAC address. Since all...
PT-2024-5338 · Adtran · Adtran 834-5
Name of the Vulnerable Software and Affected Versions: Adtran 834-5 versions 11.1.0.101-202106231430 SmartOS versions prior to 12.6.3.1 Description: The issue is related to the Ping and Traceroute utilities in the SmartOS operating system of AdTran SRG 834-5 Wi-Fi routers. It allows OS Command...
CVE-2024-28093
The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account...
Adtran NetVanta 3120 安全漏洞
The Adtran NetVanta 3120 is a fixed-port Ethernet router from Adtran USA. A security vulnerability exists in the Adtran NetVanta 3120 version 18.01.01.00.E. The vulnerability stems from the device's TELNET service being enabled by default and having default credentials for a root-level account...
CVE-2024-28093
CVE-2024-28093 affects AdTran NetVanta 3120 devices running version 18.01.01.00.E, where TELNET is enabled by default and uses a root-level credential. The issue is tied to default/root access and could allow unauthorized device access. Mitigation: disable TELNET or restrict access, and apply pat...
CVE-2024-28093
The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account...
CVE-2024-28093
The TELNET service of AdTran NetVanta 3120 18.01.01.00.E devices is enabled by default, and has default credentials for a root-level account...
The vulnerability of the SmartOS WIFI router ADTRAn SR400ac allows a hacker to execute arbitrary code in the context of the root user.
The vulnerability of the SmartOS WIFI router ADTRAn SR400ac operating system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code in the context of the root user...
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ping command, whi...
PT-2023-4340 · Adtran · Adtran Sr400Ac
Name of the Vulnerable Software and Affected Versions: Adtran SR400ac affected versions not specified Description: The issue is related to the lack of input validation in the SmartOS WiFi router ADTRAn SR400ac, allowing remote attackers to execute arbitrary code in the context of the root user. T...