909 matches found
CVE-2021-40858
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring...
CVE-2021-40857
Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring...
CVE-2021-40857
Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring...
Arbitrary file deletion
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring...
Privilege escalation
Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring...
CVE-2021-40858
Auerswald COMpact 5500R and related models are affected by CVE-2021-40858 via an Arbitrary File Disclosure in the web-based management interface. The root cause is a path traversal issue that lets users with sub-admin privileges read files on the device, exposing cleartext admin passwords through...
CVE-2021-40858
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring...
CVE-2021-40857
CVE-2021-40857 affects Auerswald COMpact line (notably 5500R) and related models. The vulnerability is a Privilege Escalation in the web-based management interface, exploitable via the passwd=1 substring, allowing low-privileged users to obtain administrator passwords. Affected versions are ≤ 8.0...
CVE-2021-40857
Auerswald COMpact 5500R devices before 8.2B allow Privilege Escalation via the passwd=1 substring...
Auerswald Compact has an unspecified vulnerability
The Auerswald Compact Series is an Ict solution from Auerswald Germany. a security vulnerability exists in the Auerswald Compact Series that could be exploited by an attacker to access a web-based management application for full administrative access to the device...
CVE-2021-40859
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device...
Design/Logic Flaw
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device...
CVE-2021-40859
Auerswald COMpact 5500R 7.8A and 8.0B devices expose an unauthenticated endpoint at https://192.168.1.2/about_state that enables backdoor access to the web interface and can reset the administrator password. This yields full administrative access and credentials disclosure risk via unauthenticate...
CVE-2021-40859
Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device...
Auerswald COMpact 8.0B - Privilege Escalation Vulnerability
Exploit Title: Auerswald COMpact 8.0B - Privilege Escalation Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Privilege Escalation RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged...
Auerswald COMpact 8.0B Arbitrary File Disclosure
Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Details ======= Product:...
Auerswald COMpact 8.0B Privilege Escalation
Advisory: Auerswald COMpact Privilege Escalation RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Details ======= Product: COMpact 4000,...
Auerswald COMpact 8.0B - Arbitrary File Disclosure
Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX...
Auerswald COMpact 8.0B - Privilege Escalation
Exploit Title: Auerswald COMpact 8.0B - Privilege Escalation Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Privilege Escalation RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allow...
Auerswald Compact 系列安全漏洞
Auerswald Compact Series is an Ict solution from Auerswald Germany. an elevation of privilege vulnerability exists in Auerswald COMpact 5500R, which can be exploited by attackers to obtain administrator account passwords for elevation of privilege...