Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass

Auerswald COMfortel 1400/2600/3600 IP is susceptible to an authentication bypass vulnerability. Inserting the prefix "/about/../" allows bypassing the authentication check for the web-based configuration management interface. This enables attackers to gain access to the login credentials used for...

VulnCheck KEV: CVE-2021-40856

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring...

CVE-2021-40856

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring...

CVE-2021-40856

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring...

Authentication flaw

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring...

CVE-2021-40856

Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Authentication Bypass via the /about/../ substring...

CVE-2021-40856

AUERSWALD COMFORTEL 1400/2600/3600 IP devices (pre-2.8G firmware) are vulnerable to an authentication bypass via the "/about/../" path in the web configuration interface, potentially exposing login credentials and other data. The CVE entry and multiple connected sources confirm the vulnerability ...

Auerswald COMfortel 1400和2600 IP 授权问题漏洞

The Auerswald Comfortel 1400 Ip is an Ip phone from Auerswald Germany. A security vulnerability exists in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desk phones. The vulnerability allows access to configuration data and settings in the web-based...

Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass

Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in...

Auerswald COMfortel 2.8F - Authentication Bypass

Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration...

Auerswald COMfortel 2.8F - Authentication Bypass Vulnerability

Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface o...