23 matches found
CVE-2024-31970
AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...
The vulnerability of the Ping and Traceroute utilities in the SmartOS Wi-Fi router AdTran SRG 834-5 allows a hacker to execute arbitrary operating system commands.
The vulnerability of the Ping and Traceroute utilities in the SmartOS Wi-Fi router AdTran SRG 834-5 is related to the lack of measures taken to neutralize the special elements used in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands on the operating...
CVE-2024-31970
AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...
CVE-2024-31970
AdTran SRG 834-5 HDC17600021F1 devices with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1 have SSH enabled by default, accessible both over the LAN and the Internet. During a window of time when the device is being set up, it uses a default username and password combination of admin/admin with...
AdTran SRG 834-5 HDC17600021F1 操作系统命令注入漏洞
The AdTran SRG 834-5 HDC17600021F1 is a Gigabit Ethernet gateway from Adtran USA. An operating system command injection vulnerability exists in AdTran SRG 834-5 HDC17600021F1 SmartOS version 11.1.1.1, which can be exploited to execute arbitrary operating system commands with root privileges by...
CVE-2024-31970
The CVE-2024-31970 entry concerns AdTran SRG 834-5 HDC17600021F1 devices running SmartOS prior to 12.1.3.1. The root cause is hardcoded SSH credentials (admin/admin) used during a setup window, granting root-level privileges and enabling an attacker to modify the admin account or create a new one...
PT-2024-5340 · Adtran · Adtran Srg 834-5
Name of the Vulnerable Software and Affected Versions: AdTran SRG 834-5 devices with SmartOS versions prior to 12.1.3.1 Description: The issue is related to the use of hardcoded credentials in the SSH service of the affected devices. This allows a remote attacker to execute arbitrary operating...
srg.berlin Cross Site Scripting vulnerability OBB-3311295
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2017-17256
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...
CVE-2017-17251
CVE-2017-17251 is a Huawei H323 protocol null pointer dereference vulnerability affecting multiple Huawei devices (e.g., AR120-S/AR1200/AR150/AR200-series, DR modules, Secospace USG, ViewPoint, etc.). Root cause: insufficient validation of H323 packets leading to a null pointer dereference and po...
CVE-2017-17298
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...
CVE-2017-17286
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00,...
Multiple Huawei products cross-border read vulnerability (CNVD-2018-02555)
Huawei AR series routers, SRG series routing gateways, NetEngine16EX, and other products from Huawei China. The out-of-bounds read vulnerability exists in multiple Huawei products and is due to the device failing to adequately validate input. A remote attacker could exploit this vulnerability by...
Denial of Service Vulnerability in Multiple Huawei Products (CNVD-2017-34448)
The AR Series, SRG Series, and NetEngine16EX Services Routing Gateway are Huawei's all-in-one integrated services gateways for small and medium-sized branch offices and SMBs. Huawei SMC2.0 is a video service management platform. A denial-of-service vulnerability exists in multiple Huawei products...
SSH Brute Force Logins With Default Credentials Reporting
It was possible to login into the remote SSH server using default credentials. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nortel Networks SRG V16 modules.php module Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execu...
Nortel Networks SRG V16 admin_modules.php module Parameter Traversal Local File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execu...
Nortel Networks SRG V16 modules.php module Parameter Traversal Local File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execu...
Nortel Networks SRG V16 - modules.php?module Traversal Local File Inclusion
Nortel Networks SRG V16 - modules.php?module Traversal Local File Inclusion source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability...
Nortel Networks SRG V16 - admin_modules.php?module Traversal Local File Inclusion
Nortel Networks SRG V16 - adminmodules.php?module Traversal Local File Inclusion source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include...