26 matches found
CVE-2024-36441
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...
CVE-2024-36445
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication...
CVE-2024-36444
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...
CVE-2024-36441
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...
CVE-2024-36442
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...
CVE-2024-36444
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...
CVE-2024-36440
An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used...
CVE-2024-36439
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password...
CVE-2024-36443
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP...
CVE-2024-36440
An issue was discovered on Swissphone DiCal-RED 4009 devices. An attacker with access to the file /etc/deviceconfig may recover the administrative device password via password-cracking methods, because unsalted MD5 is used...
CVE-2024-36442
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...
CVE-2024-36441
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device...
PT-2024-27004 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows an unauthenticated attacker to gain access to device logs through the cgi-bin/fdmcgiwebv2.cgi endpoint on Swissphone DiCal-RED 4009 devices...
PT-2024-27005 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows a remote attacker to gain a root shell via TELNET without authentication. Recommendations: At the moment, there is no information about a newer...
CVE-2024-36444
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...
CVE-2024-36445
CVE-2024-36445 affects Swissphone DiCal-RED 4009 devices, where an unauthenticated TELNET access path permits a remote attacker to obtain a root shell. The advisory and linked sources describe a missing-authentication vulnerability (CWE-306) in the DiCal-RED 4009 module, with the CVSSv3.1 vector ...
PT-2024-27003 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 version not specified Description: The issue allows a remote attacker to gain read access to almost the whole file system via anonymous FTP. This could potentially expose sensitive data. There is no information...
PT-2024-27002 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 affected versions not specified Description: The issue allows an authenticated attacker to gain access to arbitrary files on the device's file system through the cgi-bin/fdmcgiwebv2.cgi endpoint. Recommendations: At...
CVE-2024-36443
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP...
CVE-2024-36441
CVE-2024-36441 affects Swissphone DiCal-RED 4009 devices. An unauthenticated actor can connect to TCP port 2101 and gain access to operation messages received by the device. The Red Hat advisory and PacketStorm entries corroborate this information. No specific exploit details, affected versions b...